kcssetup.exe

Kaseya Agent Installer

Kaseya Limited

This is a self-extracting archive and installer. The file has been seen being downloaded from kaseya.imi.gov.my.
Publisher:
Kaseya  (signed by Kaseya Limited)

Product:
Kaseya Agent Installer

Version:
9, 2, 0, 0

MD5:
08d1aea19f68fcf119c617f065852553

SHA-1:
1937a2ca33046f869d8dff71b516ac529f8f2408

SHA-256:
6f6c765d859058b73980e31bb7a773982de04b3e8ba549582a92736f63b6d158

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 3:26:07 AM UTC  (today)

File size:
14.1 MB (14,758,360 bytes)

Product version:
9, 2, 0, 0

Copyright:
Copyright © 2001-2015 Kaseya International Limited. All Rights Reserved.

Trademarks:
Kaseya Virtual System Administrator (tm)

Original file name:
VarAgentSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\kcssetup.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
3/31/2016 7:19:55 AM

Valid to:
4/1/2019 7:19:55 AM

Subject:
CN=Kaseya Limited, O=Kaseya Limited, L=Dublin, S=Dublin, C=IE

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121E77E7AEF43509B98AA930DB8337D0AB0

File PE Metadata
Compilation timestamp:
5/17/2016 1:47:01 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
196608:jTdzivkr75PxoQKmVSVblvV7bsTfRCibtdtPUaHMRgmGyGC6NYGlmzQmKi:NzVtPWmVSVvsAaVUaHMRRT8r8QFi

Entry address:
0x4C28

Entry point:
E9, 17, 19, 05, 00, E9, 22, E5, 03, 00, E9, CE, 6C, 07, 00, E9, CC, F5, 02, 00, E9, BA, 9B, 02, 00, E9, 9A, C9, 00, 00, E9, 58, 0A, 05, 00, E9, B2, DB, 07, 00, E9, FB, A2, 00, 00, E9, E4, 98, 09, 00, E9, 17, 37, 03, 00, E9, 09, 44, 04, 00, E9, 33, 58, 08, 00, E9, BB, 9B, 02, 00, E9, A8, D5, 08, 00, E9, 9B, A4, 04, 00, E9, 94, BC, 09, 00, E9, 47, B9, 09, 00, E9, A0, A0, 08, 00, E9, 05, CB, 03, 00, E9, B2, 4C, 0A, 00, E9, CC, 6D, 06, 00, E9, 85, 4B, 0B, 00, E9, DE, 3A, 06, 00, E9, 0C, E0, 06, 00, E9, 8A, D3...
 
[+]

Entropy:
7.2527

Developed / compiled with:
Microsoft Visual C++ 8.0 (Debug)

Code size:
777.5 KB (796,160 bytes)

The file kcssetup.exe has been seen being distributed by the following URL.

Scan kcssetup.exe - Powered by Reason Core Security