vsee.exe

vsee

VSee Lab, Inc.

It is configured to start automatically when a user logs in to Windows, through the current user Run registry key under the display name ‘VSee’. It is installed with VSee. The file has been seen being downloaded from d2q5hugz2rti4w.cloudfront.net and multiple other hosts.
Publisher:
VSee Lab, Inc.  (signed and verified)

Product:
vsee

Version:
14, 0, 0, 411

MD5:
e8596368f93967ec217c3ff64a493e4a

SHA-1:
9a542361c2decb52f9e9e2ec9af879e366164d0e

SHA-256:
9e7e274c66d213c8ac7cb2efd77a17bbbd0bd824e81d364acd3b62ff23dfc618

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/22/2017 5:57:37 PM UTC

File size:
21.9 MB (23,011,352 bytes)

Product version:
14, 0, 0, 411

Copyright:
Copyright 2003-2014 VSee Lab, Inc.

Trademarks:
vsee

Original file name:
vsee.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\vseeinstall\vsee.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
10/30/2012 2:00:00 PM

Valid to:
10/31/2014 1:59:59 PM

Subject:
CN="VSee Lab, Inc.", O="VSee Lab, Inc.", STREET=3188 Kimlee Dr., L=San Jose, S=CA, PostalCode=95132, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
413C4A0DDDCDDB7C2796AA145A32F943

File PE Metadata
Compilation timestamp:
4/11/2014 2:40:24 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
393216:wmEa5/NTAf8pBF2rqHDJrLR2gnsVV7/InubkIgCqVFm:f95/NTA0dDVFeHbDqVF

Entry address:
0x5916F7

Entry point:
E8, 63, 7E, 01, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, A3, 78, 21, 45, 01, 5D, C3, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A1, C4, E3, 3F, 01, 33, C5, 89, 45, FC, 53, 8B, 5D, 08, 57, 83, FB, FF, 74, 07, 53, E8, C5, 7E, 01, 00, 59, 83, A5, E0, FC, FF, FF, 00, 6A, 4C, 8D, 85, E4, FC, FF, FF, 6A, 00, 50, E8, F3, 04, 00, 00, 8D, 85, E0, FC, FF, FF, 89, 85, D8, FC, FF, FF, 8D, 85, 30, FD, FF, FF, 83, C4, 0C, 89, 85, DC, FC, FF, FF, 89, 85, E0, FD, FF, FF, 89, 8D, DC, FD, FF, FF, 89, 95, D8...
 

Entropy:
6.7905

Code size:
12.8 MB (13,382,144 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
VSee

Command:
"C:\users\{user}\appdata\roaming\vseeinstall\vsee.exe" -quiet_start


The file vsee.exe has been discovered within the following program.

VSee by VSee Lab Inc
vsee.com
About 2% of users remove it
 

The file vsee.exe has been seen being distributed by the following 4 URLs.
