kingrootsetup_105002.exe

KingRootApp

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from redirect.viglink.com and multiple other hosts.
Publisher:
KingRoot   (signed by KingRootApp)

Product:
KingRoot

Description:
KingRoot Setup

MD5:
23cc634ef07bf36bf4bfa8da915928d9

SHA-1:
292e01ace7d1d6b959e9eae6dded29cb96a0ac91

SHA-256:
3522e71781c377b3c12e876e4b18df4565e4c4cd5322e7889891c89c1040b871

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 7:19:03 PM UTC  (today)

File size:
15.3 MB (16,069,456 bytes)

Product version:
3.0.1

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Turkish (Turkey)

Common path:
C:\users\{user}\downloads\kingrootsetup_105002.exe

Digital Signature
Signed by:

Authority:
Kingroot

Valid from:
11/19/2013 7:18:16 AM

Valid to:
1/1/2040 1:59:59 AM

Subject:
CN=KingRootApp

Issuer:
CN=www.kingroot.net, E=kingroot_team@qq.com, O=Kingroot

Serial number:
0D38338451B076A1482E76C1611C6D06

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:7KxxU9AAOonpK+dvsW61wgaMb9ZabLq2v2/8Dmox:7KxxWfOonpK+9sAtMxQbVeIx

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file kingrootsetup_105002.exe has been seen being distributed by the following 18 URLs.

http://redirect.viglink.com/?key=f0a7f91912ae2b52e0700f73990eb321&u=http://mmgr.myapp.com/myapp/Kingroot/webapp_kingroot/.../KingRootSetup_105002.exe&tags=outOfBand.sid:iylype06am000n4o

http://redirect.viglink.com/?key=f0a7f91912ae2b52e0700f73990eb321&u=http://mmgr.myapp.com/myapp/Kingroot/webapp_kingroot/.../KingRootSetup_105002.exe&tags=outOfBand.sid:izd1l7er20000n4o

https://ln.syncusercontentpro.com/mfs-60:98de046fcc4c3351c8fd696bb8209250=============================/.../KingRootSetup_105002.exe

http://go.redirectingat.com/?id=78494X1529245&site=digitaltrends.com&xs=1&isjs=1&url=http://mmgr.myapp.com/myapp/gjbig/packmanage/14/1/KingRootSetup_105002.exe&xguid=80c502bf868373c14a4583fb3d3903a0&xuuid=928c7736598e8f61b5ba6e18bef30d63&xsessid=2b568de3012911c1c284699f831a76bb&xcreo=0&xed=0&sref=http://www.digitaltrends.com/mobile/how-to-root-android/5/&pref=https://.../&xtz=-60&abp=1

http://redirect.viglink.com/?format=go&jsonp=vglnk_148188859881412&key=f0a7f91912ae2b52e0700f73990eb321&libId=iwrpyqfa01000n4o000DA122xn6rrerej3&loc=http://forum.xda-developers.com/android/apps-games/one-click-root-tool-android-2-x-5-0-t3107461&v=1&out=http://mmgr.myapp.com/myapp/Kingroot/webapp_kingroot/image/KingRootSetup_105002.exe&title=[ROOT ANDROID][2.x-6.0] KINGROOT: The One-Cl… | Android Development and Hacking&txt=&gt;&gt;&gt;<font color="orange"><b>Download Desktop Version (Chinese only)</.../font>&lt;&lt;&lt;

http://click.xda-developers.com/api/click?format=go&jsonp=vglnk_147328583481012&key=f0a7f91912ae2b52e0700f73990eb321&libId=istfn8nr01000n4o000DA3s1n1rtu&loc=http://forum.xda-developers.com/android/apps-games/one-click-root-tool-android-2-x-5-0-t3107461&v=1&out=http://mmgr.myapp.com/myapp/Kingroot/webapp_kingroot/image/KingRootSetup_105002.exe&ref=http://hexamob.com/es/metodo-de-root-kingroot/&title=[ROOT ANDROID][2.x-5.1] KINGROOT: The One-Cl… | Android Development and Hacking&txt=&gt;&gt;&gt;<font color="orange"><b>Download Desktop Version (Chinese only)</.../font>&lt;&lt;&lt;

http://go.redirectingat.com/?id=78494X1529245&site=digitaltrends.com&xs=1&isjs=1&url=http://mmgr.myapp.com/myapp/gjbig/packmanage/14/1/KingRootSetup_105002.exe&xguid=fc67c548709bf89d0b096b1ff6c053de&xuuid=ff90a8c4e5b9a4e936b80087855ab17e&xsessid=612e0de0dce0f68fa9b928c93873ab0b&xcreo=0&xed=0&sref=http://www.digitaltrends.com/mobile/how-to-root-android/.../&xtz=300&abp=1

http://203.205.151.213/mmgr.myapp.com/myapp/Kingroot/webapp_kingroot/.../KingRootSetup_105002.exe

http://go.redirectingat.com/?id=78494X1529245&site=digitaltrends.com&xs=1&isjs=1&url=http://mmgr.myapp.com/myapp/gjbig/packmanage/14/1/KingRootSetup_105002.exe&xguid=031b1a9684fbafb0feef9b5ac4a4f17e&xuuid=4e04ae7da44205e2a8aa3be1d3980a3a&xsessid=6a7c33549a80afb12a1f5e07425732b1&xcreo=0&xed=0&sref=http://www.digitaltrends.com/mobile/how-to-root-android/.../&xtz=420&abp=1

http://203.205.151.214/mmgr.myapp.com/myapp/Kingroot/webapp_kingroot/.../KingRootSetup_105002.exe

temp:KingRootSetup_105002.exe

http://123.125.110.15/mmgr.myapp.com/myapp/gjbig/packmanage/14/.../KingRootSetup_105002.exe

http://203.205.151.213/mmgr.myapp.com/myapp/gjbig/packmanage/14/.../KingRootSetup_105002.exe

Scan kingrootsetup_105002.exe - Powered by Reason Core Security