k-plugin.exe

K-Defense Installer

Kings Information & Network Co., Ltd.

Publisher:
Kings Information & Network Co., Ltd  (signed by Kings Information & Network Co., Ltd.)

Product:
K-Defense Installer

Description:
installkdf R6 414071601

Version:
6.1.4.9

MD5:
edf680d8153b38e71c3d25e5469f5cf8

SHA-1:
205ea3b53f72eb2113beac6dbd14fe9d6bf4b969

SHA-256:
a0d4df3bf9872efebcdfceb750d490b98ab2c3074f6649457ec6cc3ddcecb85c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/26/2024 10:16:20 PM UTC  (today)

File size:
8.8 MB (9,184,128 bytes)

Product version:
K-Defense R6

Copyright:
Copyright (C) 2013 Kings Information & Network

Original file name:
installkdf.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\k-plugin.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
8/13/2013 9:00:00 AM

Valid to:
9/13/2014 8:59:59 AM

Subject:
CN="Kings Information & Network Co., Ltd.", OU=Business Support Department, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Kings Information & Network Co., Ltd.", L=Hanamsi, S=Gyeonggido, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
141647F7F25B6F6C4A132B4C592E800A

File PE Metadata
Compilation timestamp:
7/18/2014 1:39:06 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
196608:2E5lu4CRSY+8nHh/7n3xAi6c4zV+dGq50T/QAi3Ai7LVvw:CtRTu/VBKVvw

Entry address:
0x104F5B

Entry point:
E8, 73, A9, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 55, 08, 56, 57, 85, D2, 74, 07, 8B, 7D, 0C, 85, FF, 75, 13, E8, 0E, 04, 00, 00, 6A, 16, 5E, 89, 30, E8, FA, 77, 00, 00, 8B, C6, EB, 33, 8B, 45, 10, 85, C0, 75, 04, 88, 02, EB, E2, 8B, F2, 2B, F0, 8A, 08, 88, 0C, 06, 40, 84, C9, 74, 03, 4F, 75, F3, 85, FF, 75, 11, C6, 02, 00, E8, D8, 03, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, C6, 33, C0, 5F, 5E, 5D, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8...
 
[+]

Entropy:
6.5404

Code size:
1.2 MB (1,208,832 bytes)

The file k-plugin.exe has been seen being distributed by the following 2 URLs.

Scan k-plugin.exe - Powered by Reason Core Security