kis2011_vector.exe

Kingsoft Internet Security

KINGSOFT JAPAN INC.

This is a setup and installation application. The file has been seen being downloaded from download.kingsoft.jp.
Publisher:
Kingsoft Corporation  (signed by KINGSOFT JAPAN INC.)

Product:
Kingsoft Internet Security

Description:
Kingsoft Install

Version:
2011,06,16,222

MD5:
ceea26f73c1776f29b684d810f9256e5

SHA-1:
8b02b2f85e3dd8eb111d31632594ef4382a3fb7b

SHA-256:
0c16b9b3ac4a140b77ba4fd823c3a933e4b37c9102e9ddbf4954f05241b1897c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 7:00:15 PM UTC  (today)

File size:
30.3 MB (31,805,904 bytes)

Product version:
9,0,37016,222

Copyright:
Copyright (C) 1998-2011 Kingsoft Corporation

Original file name:
setupext.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\kis2011_vector.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
8/9/2010 5:54:52 PM

Valid to:
9/29/2011 10:54:12 AM

Subject:
CN=KINGSOFT JAPAN INC., O=KINGSOFT JAPAN INC., C=JP

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012A56275F04

File PE Metadata
Compilation timestamp:
6/16/2011 6:40:22 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
786432:AAFrL1js4D7OLqvU6KWRLHKbZIP4RhuQO4fGJVAfVbu:A+i4O96KWVAZIQHcJAJu

Entry address:
0xE537

Entry point:
E8, F7, 7E, 00, 00, E9, 16, FE, FF, FF, CC, CC, CC, 68, 50, DC, 40, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, A0, 41, 42, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, 6A, 0C, 68, 00, 29, 42, 00, E8, 9B, FF, FF, FF, 6A, 0E, E8, 6E, 4F, 00, 00, 59, 83, 65, FC, 00, 8B, 75...
 
[+]

Entropy:
7.9954  (probably packed)

Code size:
108 KB (110,592 bytes)

The file kis2011_vector.exe has been seen being distributed by the following URL.

Scan kis2011_vector.exe - Powered by Reason Core Security