kg-uv2d.exe

MS138 应用程序 (MS138 Application)

This is a setup program which is used to install the application. The file has been seen being downloaded from wouxun.us.
Product:
MS138 应用程序 (MS138 Application)

Description:
MFC Application

Version:
1, 0, 0, 1

MD5:
2c78bf80c58b856f0d4e0622de2d293b

SHA-1:
7860b37e13b75c5b95bf82042160bfb4012fdb22

SHA-256:
0a2be50062d2dfa5bc14bba0b1e9872364780a6ec2681dfc31574de880909e66

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
12/27/2024 8:03:23 PM UTC

Scan engine:
Bkav FE

Detection:
HW32.CDB

Engine version:
1.3.0.4959

File size:
1.9 MB (2,029,617 bytes)

Product version:
1, 0, 0, 1

Copyright:
版权所有 (C) 2009 ("Copyright (C) 2009")

Original file name:
MS138.EXE

File type:
Executable application (Win32 EXE)

Language:
Chinese

Common path:
C:\users\{user}\downloads\kg-uv2d.exe

File PE Metadata
Compilation timestamp:
1/8/2011 10:56:00 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:xW+vLTqsNQc9uQDCDrSUeTjFO8BylRlIu7A1NX0we:4+DTqMQ6CHOFOqylHIu7AJK

Entry address:
0x2EBD3

Entry point:
E8, 00, 00, 00, 00, 60, E8, 4F, 00, 00, 00, 09, 4E, D8, 9C, 2F, 66, 7B, 25, 6D, 08, 18, EB, 67, EA, E6, 03, C7, E9, D6, E4, 10, 36, 25, B8, 91, 43, 5F, F0, 9F, CF, F9, 73, D1, 36, 98, 61, 41, DB, A4, B5, 99, 13, 5E, 42, 06, F5, 9B, 45, 64, 64, 13, A6, 07, 42, 38, 75, 64, 64, 13, A6, 07, 42, 38, 75, E9, 2A, 6E, 00, 00, E9, 3E, 6E, 00, 00, E9, 39, 6E, 00, 00, E8, 6E, FB, FF, FF, CE, 03, 01, 00, AC, 9A, 00, 00, 5C, 83, 50, BD, AD, 13, 01, D2, 7F, AB, 54, 7B, B3, EE, F1, 92, 3A, 61, F0, 27, DC, 1C, C9, 72, 65...
 

Packer / compiler:
MoleBox v2.0

The file kg-uv2d.exe has been seen being distributed by the following URL.

Scan kg-uv2d.exe - Powered by Reason Core Security