ar5kitcht.exe

PackageForTheWeb Stub

Adobe Systems, Incorporated

The program is a setup application that uses the InstallShield Setup installer.
Publisher:
InstallShield Software Corporation  (signed by Adobe Systems, Incorporated)

Product:
PackageForTheWeb Stub

Version:
2.02.001

MD5:
519d74f9dbd50f1ea2bf4523447069c5

SHA-1:
210ee47cac953fdb2446d5378d74b2322fc09543

SHA-256:
69a1460e0208e174b9f10cd01b8b8d0b4e0e83a11948b6c520aeb8f1b766f7cd

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/16/2024 3:22:42 PM UTC  (today)

File size:
9.7 MB (10,220,760 bytes)

Product version:
2.02.001

Copyright:
Copyright © 1996 InstallShield Software Corporation

Original file name:
STUB32.EXE

File type:
Executable application (Win32 EXE)

Installer:
InstallShield Setup

Common path:
C:\users\{user}\downloads\danqing\danqing\acrobat reader 5.0\ar5kitcht.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
10/12/2001 8:00:00 AM

Valid to:
10/31/2002 7:59:59 AM

Subject:
OU=Acrobat Engineering, CN="Adobe Systems, Incorporated", L=San Jose, S=CA, C=US, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU="www.verisign.com/repository/RPA Incorp. by Ref.,LIAB.LTD(c)98", OU=VeriSign Commercial Software Publishers CA, O="VeriSign, Inc.", L=Internet

Issuer:
OU=VeriSign Commercial Software Publishers CA, O="VeriSign, Inc.", L=Internet

Serial number:
1690D6030E2E63E258F9908B4BD968A9

File PE Metadata
Compilation timestamp:
3/26/1998 10:31:20 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
196608:XEMmTreQWTNkW5YADc+OdnummpI4J4Jzn3W/iyd98TYULSHxq/1688:XoqRkWTOdnuI04J6/i498TsRWO

Entry address:
0xC110

Entry point:
55, 8B, EC, 6A, FF, 68, 40, 21, 41, 00, 68, 68, EC, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, C4, A8, 53, 56, 57, 89, 65, E8, FF, 15, 58, A4, 41, 00, 33, D2, 8A, D4, 89, 15, 38, 74, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 34, 74, 41, 00, C1, E1, 08, 03, CA, 89, 0D, 30, 74, 41, 00, C1, E8, 10, A3, 2C, 74, 41, 00, E8, 94, 01, 00, 00, 85, C0, 75, 0A, 6A, 1C, E8, 39, 01, 00, 00, 83, C4, 04, C7, 45, FC, 00, 00, 00, 00, E8, EA, 27, 00, 00, E8, D5, 27, 00, 00, FF, 15, 5C, A4, 41...
 
[+]

Entropy:
7.9973

Developed / compiled with:
Microsoft Visual C++

Code size:
67.5 KB (69,120 bytes)

The file ar5kitcht.exe has been seen being distributed by the following 3 URLs.

ftp://ftp.adobe.com/pub/adobe/acrobatreader/win/.../ar5kitcht.exe

http://61.222.3.63/75d2bf25da97dcce21091b8deb40d0c0/softking/soft/en/.../ar5kitcht.exe

http://61.222.3.60/6c124285a9947a52ca43dfdae74bdc84/softking/soft/en/.../ar5kitcht.exe