home

160811_ge_test.exe

KCS-Downloader

KAMUSE Co.,Ltd.

Publisher:
Kamuse, Incorporated  (signed by KAMUSE Co.,Ltd.)

Product:
KCS-Downloader

Version:
2.6.0

MD5:
3e5e639dcd6c38e29d5bfe652c5e8760

SHA-1:
3d2335bbbc320531a30010e633e62ba37767aa51

SHA-256:
6415c6c3d606e65577d06ea2a29b0b44c5b00f6a4296a2dc7e6c00d907dfae56

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 6:07:48 AM UTC  (today)

File size:
1.3 MB (1,394,736 bytes)

Product version:
2.6.0

Copyright:
ⓒ 2001-2013 Kamuse Inc.

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\160811_ge_test.exe

Digital Signature
Signed by:
KAMUSE Co.,Ltd.

Authority:
Symantec Corporation

Valid from:
1/4/2016 9:00:00 AM

Valid to:
1/4/2019 8:59:59 AM

Subject:
CN="KAMUSE Co.,Ltd.", O="KAMUSE Co.,Ltd.", L=Gangnam-gu, S=Seoul, C=KR, SERIALNUMBER=120-86-25537, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=KR

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
2A034699A10BB6C17D6434FE0D3AB386

File PE Metadata
Compilation timestamp:
8/16/2016 4:00:59 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:rK6+6CqKysm1B8MsIHx2WB9Jd5BNs9bhhQjdzjRmq6K:rK6im38RIfB9Jd5BN2h2dfYq6K

Entry address:
0x54002

Entry point:
E8, 2B, 96, 00, 00, E9, 16, FE, FF, FF, 83, 3D, 38, 2D, 47, 00, 00, 74, 15, 68, 38, 2D, 47, 00, E8, 31, 97, 00, 00, 85, C0, 59, 74, 06, FF, 15, 38, 2D, 47, 00, E8, CD, 58, 00, 00, 85, C0, 74, 07, 50, E8, 73, 5A, 00, 00, 59, FF, 74, 24, 04, FF, 15, 58, F1, 46, 00, CC, 6A, 0C, 68, F8, 07, 48, 00, E8, DF, 1B, 00, 00, E8, 1D, 59, 00, 00, 83, 65, FC, 00, FF, 70, 58, FF, 50, 54, 50, E8, A6, FF, FF, FF, 8B, 45, EC, 8B, 08, 8B, 09, 89, 4D, E4, 50, 51, E8, 03, 8D, 00, 00, 59, 59, C3, 8B, 65, E8, FF, 75, E4, E8, 01...
 
[+]

Entropy:
6.4255

Code size:
440 KB (450,560 bytes)

Scan 160811_ge_test.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.