home

vsee.exe

vsee

VSee Lab, Inc.

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘VSee’. This is installed with VSee. The file has been seen being downloaded from download.vsee.com and multiple other hosts.
Publisher:
VSee Lab, Inc.  (signed and verified)

Product:
vsee

Version:
14, 0, 0, 220

MD5:
705b23eb6ecfe141cafce6d7a31cf94f

SHA-1:
563b9f427b9fcc17aa2289476b358956b916627c

SHA-256:
c6b2d299eeed5a8c772a9fcc9fbf9fc1b215994c2fe7a97ddb490eaeabca4db4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 9:47:36 AM UTC  (today)

File size:
21.9 MB (22,985,240 bytes)

Product version:
14, 0, 0, 220

Copyright:
Copyright 2003-2014 VSee Lab, Inc.

Trademarks:
vsee

Original file name:
vsee.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\vseeinstall\vsee.exe

Digital Signature
Signed by:
VSee Lab, Inc.

Authority:
COMODO CA Limited

Valid from:
10/31/2012 1:00:00 AM

Valid to:
11/1/2014 12:59:59 AM

Subject:
CN="VSee Lab, Inc.", O="VSee Lab, Inc.", STREET=3188 Kimlee Dr., L=San Jose, S=CA, PostalCode=95132, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
413C4A0DDDCDDB7C2796AA145A32F943

File PE Metadata
Compilation timestamp:
2/21/2014 8:01:56 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
393216:DTSiPbnFb5XkiUkibvBEIQCftubV08LWoV:DTtfkLnJ6booV

Entry address:
0x5920CA

Entry point:
E8, BB, 7B, 01, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, A3, 78, 97, 45, 01, 5D, C3, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A1, C4, D3, 40, 01, 33, C5, 89, 45, FC, 53, 8B, 5D, 08, 57, 83, FB, FF, 74, 07, 53, E8, 1D, 7C, 01, 00, 59, 83, A5, E0, FC, FF, FF, 00, 6A, 4C, 8D, 85, E4, FC, FF, FF, 6A, 00, 50, E8, F0, 04, 00, 00, 8D, 85, E0, FC, FF, FF, 89, 85, D8, FC, FF, FF, 8D, 85, 30, FD, FF, FF, 83, C4, 0C, 89, 85, DC, FC, FF, FF, 89, 85, E0, FD, FF, FF, 89, 8D, DC, FD, FF, FF, 89, 95, D8...
 
[+]

Entropy:
6.7948

Code size:
12.8 MB (13,454,336 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
VSee

Command:
"C:\users\{user}\appdata\roaming\vseeinstall\vsee.exe" -quiet_start


The file vsee.exe has been discovered within the following program.

VSee  by VSee Lab Inc
vsee.com
About 2% of users remove it
 
Powered by Should I Remove It?

The file vsee.exe has been seen being distributed by the following 3 URLs.

http://download.vsee.com/vsee.exe

http://d2q5hugz2rti4w.cloudfront.net/builds/.../vsee220_2305-r26.3_ga.exe

https://download.vsee.com/vsee.exe

Scan vsee.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.