android_root.exe

Kingo ROOT

北京指尖互联信息技术有限公司

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.techspot.com and multiple other hosts.
Publisher:
Kingosoft Technology Ltd.   (signed by 北京指尖互联信息技术有限公司)

Product:
Kingo ROOT

Description:
Kingo ROOT Setup

Version:
1.3.9.2351

MD5:
a38fc5ba1c188b59404c26be915b448a

SHA-1:
1cedde7d2af8fb9593e1b069ebd96f61d70a3a58

SHA-256:
dc0014919618d02d4d387a028e62499142fcf05fa691c65b46f534a271e0a845

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/25/2024 8:18:29 AM UTC  (today)

Scan engine
Detection
Engine version

Quick Heal
(Suspicious) - DNAScan
6.15.14.00

File size:
17.2 MB (18,025,840 bytes)

Product version:
1.3.9.2351

Copyright:
Copyright (c) 2001-2015 Kingosoft Technology Ltd.

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\downloads\programs\android_root.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
4/20/2015 2:00:00 AM

Valid to:
5/20/2016 2:59:59 AM

Subject:
CN=北京指尖互联信息技术有限公司, O=北京指尖互联信息技术有限公司, L=北京, S=北京, C=CN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
2E0A6C6B982D2678272006E705F33D0E

File PE Metadata
Compilation timestamp:
12/20/2011 4:16:50 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:f2MLTHM+0Z8NFDO/wqMKlBngr8InvKyx0tD4BulFWOf9gDjstA8:TPMpOvDOY4vW8ICyx0tD4BpOf6sA8

Entry address:
0x16478

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, B0, 52, 41, 00, E8, AC, 03, FF, FF, 33, C0, 55, 68, 45, 6B, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 01, 6B, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, 4E, EC, FF, FF, E8, F5, E7, FF, FF, 8D, 55, EC, 33, C0, E8, 7F, 84, FF, FF, 8B, 55, EC, B8, AC, D6, 41, 00, E8, E2, E9, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, AC, D6, 41, 00, B2, 01...
 
[+]

Entropy:
7.9993

Developed / compiled with:
Microsoft Visual C++

Code size:
84 KB (86,016 bytes)

The file android_root.exe has been seen being distributed by the following 37 URLs.

http://www.techspot.com/downloads/downloadnow/.../?evp=3589aea352ea3d647eb267168f709d7b&file=1

https://downloader.disk.yandex.ru/disk/4f43ce1558e378e425e43bfbe4954e4502036a17211c5b87911c3adb8ad9e652/5877cb32/.../x-msdownload&fsize=18025840&hid=9c91a0e0995f6c53d2b9c448f29570a3&media_type=executable&tknv=v2

http://download1852.mediafire.com/6dnbqq1x2gdg/.../Kingo ROOT.exe

https://downloader.disk.yandex.ru/disk/08bb8fb48d639c6b80415dcebf61be243ae3f0ace6e1466df967c092d1dd853f/58516aee/.../x-msdownload&fsize=18025840&hid=9c91a0e0995f6c53d2b9c448f29570a3&media_type=executable&tknv=v2

https://downloader.disk.yandex.ua/disk/77d88f56c23534d8a43b7c40c0b92c470862f3e256beaee5451e7b6693d2f8ff/57c6df3e/.../x-msdownload&fsize=18025840&hid=9c91a0e0995f6c53d2b9c448f29570a3&media_type=executable&tknv=v2

https://downloader.disk.yandex.ua/disk/ce75d1389ff7ec5b6d54afc61783f8553f84962b84967603d4176076f7564f08/58233d36/.../x-msdownload&fsize=18025840&hid=9c91a0e0995f6c53d2b9c448f29570a3&media_type=executable&tknv=v2

http://fs06.trashload.ru/files10/.../kingo_android_root_1.3.9.exe

http://www.filehorse.com/download/file/.../

https://zima68f.storage.yandex.net/rdisk/fba887725bafd2afde29cd57eec393139da4708b2fd30e32cc8345cd8cb1748b/57f7c753/.../x-msdownload&fsize=18025840&hid=9c91a0e0995f6c53d2b9c448f29570a3&media_type=executable&tknv=v2&rtoken=vhgbLqfx3N9n&force_default=no&ycrid=na-bec899afabcdb5ec6a41a1b2675d4e2d-downloader10g

http://download1852.mediafire.com/gv0f15ktm6mg/.../Kingo ROOT.exe

https://downloader.disk.yandex.ru/disk/3794b3ff90bf57d44947fa78ffe737e7c484f659fda69d4e4f524d8aabcf13e7/5830a5ec/.../x-msdownload&fsize=18025840&hid=9c91a0e0995f6c53d2b9c448f29570a3&media_type=executable&tknv=v2

http://download660.mediafire.com/rtmq4ze6b4xg/.../Kingo ROOT.exe

http://soft.sptechs.com/dl.asp?i=107957

https://downloader.disk.yandex.ru/disk/8934524991590dc1e89ecc252acb2d5722d993fe08eb9f7e1ebb6c9826dc4298/57d00a4b/.../x-msdownload&fsize=18025840&hid=9c91a0e0995f6c53d2b9c448f29570a3&media_type=executable&tknv=v2

temp:kingo_root_1.3.9.exe

http://90.156.143.59/files10/.../kingo_android_root_1.3.9.exe

Latest 30 of 37 download URLs

Scan android_root.exe - Powered by Reason Core Security