KpAcdSee.EXE

KpAcdSee 应用程序

北京百聚互动广告有限公司

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘KpAcdSee’.
Publisher:
北京百聚互动广告有限公司  (signed and verified)

Product:
KpAcdSee 应用程序

Description:
KpAcdSee 快捷看图

Version:
1, 0, 1, 2

MD5:
ad903dc6a4ef5d4a22f59633ddc0875e

SHA-1:
ba6b99dba9ee80d9b13a8bce0a6b562e146a5fcc

SHA-256:
3ba439b831d8d25ee9d4d66dcd21a9ca9104c72c83b76fc0f62a11baf7bdda53

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 7:03:15 PM UTC  (today)

File size:
355.6 KB (364,104 bytes)

Product version:
1, 0, 1, 2

Copyright:
版权所有 (C) 2014

Original file name:
KpAcdSee.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\kpacdsee\kpacdsee.exe

Digital Signature
Authority:
WoSign CA Limited

Valid from:
8/17/2015 8:28:17 AM

Valid to:
8/17/2016 8:28:17 AM

Subject:
CN=北京百聚互动广告有限公司, O=北京百聚互动广告有限公司, L=北京市, S=北京市, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
35AC89B865FC1B741C81BF1A54CECEC4

File PE Metadata
Compilation timestamp:
5/18/2016 5:30:26 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:V/rQOlWpSfNsixAWaAdHEecR5Itn32amk7bWG7oPA3dE/XajUE0DMDxZPgENODwB:LfqWaAdH4Rdo39DgENbd

Entry address:
0x77C6

Entry point:
55, 8B, EC, 6A, FF, 68, B0, 59, 42, 00, 68, 2A, 79, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 64, 54, 42, 00, 59, 83, 0D, 00, F3, 42, 00, FF, 83, 0D, 04, F3, 42, 00, FF, FF, 15, 60, 54, 42, 00, 8B, 0D, E0, F1, 42, 00, 89, 08, FF, 15, 5C, 54, 42, 00, 8B, 0D, DC, F1, 42, 00, 89, 08, A1, 58, 54, 42, 00, 8B, 00, A3, FC, F2, 42, 00, E8, 1C, 01, 00, 00, 39, 1D, 30, EB, 42, 00, 75, 0C, 68, 4E, 79, 40, 00, FF, 15, 54, 54...
 
[+]

Entropy:
6.1933

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
144 KB (147,456 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
KpAcdSee

Command:
C:\Program Files\kpacdsee\kpacdsee.exe -start


Scan KpAcdSee.EXE - Powered by Reason Core Security