home

updater.exe

北京指尖互联信息技术有限公司

Publisher:
北京指尖互联信息技术有限公司  (signed and verified)

MD5:
caa3d142b5a0f0cf74cf8ad8aac79e8f

SHA-1:
bd03c9b1baffedad9374b1107afd79981f84a826

SHA-256:
eff35b99a7a73f8849c50cc63783ba36ac946f51f21b8ad158944d93d9abfc8a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/29/2024 11:10:36 PM UTC  (a few moments ago)

File size:
112.8 KB (115,496 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\kingosoft\kingo root\update_54326\bin\updater.exe

Digital Signature
Signed by:
北京指尖互联信息技术有限公司

Authority:
VeriSign, Inc.

Valid from:
4/17/2014 5:30:00 AM

Valid to:
4/18/2015 5:29:59 AM

Subject:
CN=北京指尖互联信息技术有限公司, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=北京指尖互联信息技术有限公司, L=北京, S=北京, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0620F931CE3E5C5BBC43A10D99FDA0FB

File PE Metadata
Compilation timestamp:
4/7/2015 11:11:30 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:AlkPKj+J6VAx2xigIp+yHZjhd2rGj4tOOYHA3:ekKj9jIpNr26j4tOOYHG

Entry address:
0x6281

Entry point:
E8, 9D, 03, 00, 00, E9, 63, FD, FF, FF, 6A, 14, 68, A8, 69, 41, 00, E8, D9, 00, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, E7, 03, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, CF, 00, 00, 00, C2, 10, 00, 6A, 0C, 68, C8, 69, 41, 00, E8, 7B, 00, 00, 00, 83, 65, E4, 00, 8B, 75, 0C, 8B, C6, 0F, AF, 45...
 
[+]

Entropy:
7.1474

Code size:
25.5 KB (26,112 bytes)

Scan updater.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.