» zkbioonline.exe
Overview
Analysis
File Details
Behaviors (1)

zkbioonline.exe

Xiamen ZKTeco Biometric Identification Technology Co.,ltd

It runs as a separate (within the context of its own process) windows Service named “ZKBIOOnline Service”.

File name:

zkbioonline.exe

Publisher:

Xiamen ZKTeco Biometric Identification Technology Co.,ltd (signed and verified)

MD5:

c2252143a3f610fb6a3cf9e77c857e6d

SHA-1:

aac874a780a5f771f9965b677c0e6ea4417b4467

SHA-256:

18da74a81d0ac16c67a4bf12112a3caa719002581a067bf1c862f30b5f80f6a9

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

6/3/2026 1:56:58 AM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

probably BACKDOOR.Trojan

9.0.1.05190

File size:

289.8 KB (296,720 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\fponline\bin\zkbioonline.exe

Digital Signature

Signed by:

Xiamen ZKTeco Biometric Identification Technology Co.,ltd

Authority:

Symantec Corporation

Valid from:

1/14/2016 3:00:00 AM

Valid to:

1/14/2017 2:59:59 AM

Subject:

CN="Xiamen ZKTeco Biometric Identification Technology Co.,ltd", OU=IT, O="Xiamen ZKTeco Biometric Identification Technology Co.,ltd", L=Xiamen, S=Fujian, C=CN, SERIALNUMBER=91350200065869663P, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.1=Xiamen, OID.1.3.6.1.4.1.311.60.2.1.2=Fujian, OID.1.3.6.1.4.1.311.60.2.1.3=CN

Issuer:

CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

1DBF88E880E05CC2AFC10A4CBB7B6C12

File PE Metadata

Compilation timestamp:

4/24/2016 5:41:04 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

9.0

Entry address:

0x2632D

Entry point:

E8, 51, A7, 00, 00, E9, A4, FE, FF, FF, B8, D1, 15, 43, 00, A3, 60, 33, 44, 00, C7, 05, 64, 33, 44, 00, B8, 0C, 43, 00, C7, 05, 68, 33, 44, 00, 6C, 0C, 43, 00, C7, 05, 6C, 33, 44, 00, A5, 0C, 43, 00, C7, 05, 70, 33, 44, 00, 0E, 0C, 43, 00, A3, 74, 33, 44, 00, C7, 05, 78, 33, 44, 00, 49, 15, 43, 00, C7, 05, 7C, 33, 44, 00, 2A, 0C, 43, 00, C7, 05, 80, 33, 44, 00, 8C, 0B, 43, 00, C7, 05, 84, 33, 44, 00, 19, 0B, 43, 00, C3, 8B, FF, 55, 8B, EC, E8, 96, FF, FF, FF, E8, B7, B2, 00, 00, 83, 7D, 08, 00, A3, D4, 38... 
[+]

Entropy:

6.7739

Code size:

220.5 KB (225,792 bytes)

Service

Display name:

ZKBIOOnline Service

Description:

ZKTeco Biometric sensor httprestful api service

Type:

Win32OwnProcess

Scan zkbioonline.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.