kg-819v112.exe

KG- Application

This is a setup program which is used to install the application. The file has been seen being downloaded from wouxun.us.
Product:
KG- Application

Description:
KG819 MFC Application

Version:
1, 0, 0, 1

MD5:
c1d7130f455a85af06ab5f93ed531a0b

SHA-1:
87d6e00d091333dc665fe74170dbb232ebe4fe23

SHA-256:
36f25aa49b254745d6cd8067870bb90e2361a1eb8deb444b16bd97042b610c1c

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/5/2024 9:59:11 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Bkav FE | W32.HfsAutoB | 1.3.0.7237 |
| Clam AntiVirus | Win.Trojan.Vbiframe-48 | 0.98/21511 |
| IKARUS anti.virus | Virus.Win32.Trojan | t3scan.1.9.5.0 |
| McAfee | Artemis!C1D7130F455A | 5600.6410 |

File size:
505.5 KB (517,633 bytes)

Product version:
1, 0, 0, 1

Copyright:
All Right (C) 2009

Original file name:
KG-.EXE

File type:
Executable application (Win32 EXE)

Language:
Chinese

Common path:
C:\users\{user}\downloads\kg-819v112.exe

File PE Metadata
Compilation timestamp:
11/29/2009 2:20:45 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:12V82fjaxnrPaRPP0bRPP0VmPp9jTbgzVyKDGER:urILagqcpQVn9R

Entry address:
0x2CBD3

Entry point:
E8, 00, 00, 00, 00, 60, E8, 4F, 00, 00, 00, 5C, 04, 0D, B6, CA, 46, DB, CE, D8, E7, 44, 0F, CA, 82, E6, 2E, 17, 2B, 35, 92, 87, 82, DA, 9A, D2, 76, 8D, B6, 36, 39, B8, CC, F6, 0A, 82, AB, AE, C9, AF, 5D, A7, 07, 51, 15, F2, F7, A7, 22, DF, B4, A0, 91, 82, 3E, 65, 8C, DF, B4, A0, 91, 82, 3E, 65, 8C, E9, 2A, 6E, 00, 00, E9, 3E, 6E, 00, 00, E9, 39, 6E, 00, 00, E8, 6E, FB, FF, FF, CE, 03, 01, 00, A9, 9A, 00, 00, BF, BA, B7, A7, 6E, 27, 01, B2, E8, 9F, 54, 1B, 00, 0C, F1, F2, 34, A6, F0, C7, D1, A3, C9, 92, D2...
 

Entropy:
7.9045

Packer / compiler:
MoleBox v2.0

The file kg-819v112.exe has been seen being distributed by the following URL.

Scan kg-819v112.exe - Powered by Reason Core Security