9ku_setup.exe

河南九酷网络科技有限公司

This is a self-extracting archive and installer. The file has been seen being downloaded from box.9ku.com.
Publisher:
河南九酷网络科技有限公司  (signed and verified)

MD5:
e255900e9925b6a40afffbef71aa19a5

SHA-1:
544d2a0b5e03875904a932abc6b956296abab603

SHA-256:
e04dec287076777eb55b8484ff6ca5a58575962e135c3dcc5f761446d3a02508

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 12:12:38 AM UTC  (today)

File size:
12.9 MB (13,487,344 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\9ku_setup.exe

Digital Signature
Authority:
WoSign CA Limited

Valid from:
2/9/2015 10:35:58 AM

Valid to:
2/9/2016 10:35:58 AM

Subject:
CN=河南九酷网络科技有限公司, O=河南九酷网络科技有限公司, L=郑州市, S=河南省, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
68EC4B0A238DA9E5964C87574CC65672

File PE Metadata
Compilation timestamp:
4/30/2015 1:47:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:XjQDxJRyTwdIZdlmF1lu9mP0lu8i8qEnkbu3izz8aBZ/8Lh+le+pZutQdUTZGRvH:Xj4J4gmlmF1I9Ply2nkq8oaQ4IQgLq2M

Entry address:
0xE53001

Entry point:
60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, 30, E5, 00, 83, BD, 22, 04, 00, 00, 00, 89, 9D, 22, 04, 00, 00, 0F, 85, 65, 03, 00, 00, 8D, 85, 2E, 04, 00, 00, 50, FF, 95, 4D, 0F, 00, 00, 89, 85, 26, 04, 00, 00, 8B, F8, 8D, 5D, 5E, 53, 50, FF, 95, 49, 0F, 00, 00, 89, 85, 4D, 05, 00, 00, 8D, 5D, 6B, 53, 57, FF, 95, 49, 0F, 00, 00, 89, 85, 51, 05, 00, 00, 8D, 45, 77, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72...
 
[+]

Entropy:
7.9798

Packer / compiler:
ASPack v2.12

Code size:
1.9 MB (2,002,944 bytes)

The file 9ku_setup.exe has been seen being distributed by the following URL.

Scan 9ku_setup.exe - Powered by Reason Core Security