home

vsee.exe

vsee

VSee Lab, Inc.

This is a setup program which is used to install the application. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘VSee’. This is installed with VSee. The file has been seen being downloaded from d2q5hugz2rti4w.cloudfront.net and multiple other hosts.
Publisher:
VSee Lab, Inc.  (signed and verified)

Product:
vsee

Version:
14, 0, 0, 808

MD5:
0122fde0fcb5b581a3549e935b56ed43

SHA-1:
b15f2f8a94eea8da1f3eedb505133c115e9c9eba

SHA-256:
1486e0a79e708013889832a1e53394d6cf7d7f75c667093a16c920b88ba9813f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 11:45:35 AM UTC  (today)

File size:
21.6 MB (22,674,968 bytes)

Product version:
14, 0, 0, 808

Copyright:
Copyright 2003-2014 VSee Lab, Inc.

Trademarks:
vsee

Original file name:
vsee.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\vseeinstall\vsee.exe

Digital Signature
Signed by:
VSee Lab, Inc.

Authority:
COMODO CA Limited

Valid from:
10/30/2012 8:00:00 PM

Valid to:
10/31/2014 7:59:59 PM

Subject:
CN="VSee Lab, Inc.", O="VSee Lab, Inc.", STREET=3188 Kimlee Dr., L=San Jose, S=CA, PostalCode=95132, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
413C4A0DDDCDDB7C2796AA145A32F943

File PE Metadata
Compilation timestamp:
8/9/2014 12:18:26 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
393216:Ke8AmBa1Gh6wDHGoEFoJZ0ngtaZirdO82V5g:Ke1mN1G+JjdOhV

Entry address:
0x5D6307

Entry point:
E8, DA, 7D, 01, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, A3, 40, 56, 48, 01, 5D, C3, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A1, 00, 9F, 43, 01, 33, C5, 89, 45, FC, 53, 8B, 5D, 08, 57, 83, FB, FF, 74, 07, 53, E8, 3C, 7E, 01, 00, 59, 83, A5, E0, FC, FF, FF, 00, 6A, 4C, 8D, 85, E4, FC, FF, FF, 6A, 00, 50, E8, F3, 04, 00, 00, 8D, 85, E0, FC, FF, FF, 89, 85, D8, FC, FF, FF, 8D, 85, 30, FD, FF, FF, 83, C4, 0C, 89, 85, DC, FC, FF, FF, 89, 85, E0, FD, FF, FF, 89, 8D, DC, FD, FF, FF, 89, 95, D8...
 
[+]

Code size:
13 MB (13,667,840 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
VSee

Command:
"C:\users\{user}\appdata\roaming\vseeinstall\vsee.exe" -quiet_start


The file vsee.exe has been discovered within the following program.

VSee  by VSee Lab Inc
vsee.com
About 2% of users remove it
 
Powered by Should I Remove It?

The file vsee.exe has been seen being distributed by the following 4 URLs.

http://d2q5hugz2rti4w.cloudfront.net/builds/.../vsee808_2119-r30_ga.exe

http://download.vsee.com/vsee.exe

https://d2q5hugz2rti4w.cloudfront.net/builds/.../vsee808_2119-r30_ga.exe

https://download.vsee.com/vsee.exe

Scan vsee.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.