home

kyo_loader_126a_upgrade.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from dl.kyofun.com.
MD5:
3ed46556e6853f838e1d7a3423abf9c8

SHA-1:
ea886f6f3a81916c2c97814aeb83514351d0bcb4

SHA-256:
4d949561eb0098714dd0aa7f212823ae3e6fbdfd4c780fb87be6976672096472

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/28/2024 6:54:05 PM UTC  (today)

File size:
32.6 MB (34,134,781 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\kyo_loader_126a_upgrade.exe

File PE Metadata
Compilation timestamp:
12/17/2004 4:58:40 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
786432:Orvl8Ngzr0LW7q70Q7YCpbYx4lrfDYUdWX8gvYSDZ6JYM:OJNgSG4IYSNBGYSDMJYM

Entry address:
0x1A05E

Entry point:
00, 80, D3, EA, 09, 50, 08, A1, D4, 9D, 42, 00, 8B, 0D, CC, 9D, 42, 00, 8B, 40, 10, 83, A4, 88, C4, 00, 00, 00, 00, A1, D4, 9D, 42, 00, 8B, 40, 10, FE, 48, 43, A1, D4, 9D, 42, 00, 8B, 48, 10, 80, 79, 43, 00, 75, 09, 83, 60, 04, FE, A1, D4, 9D, 42, 00, 83, 78, 08, FF, 75, 69, 53, 6A, 00, FF, 70, 0C, FF, D6, A1, D4, 9D, 42, 00, FF, 70, 10, 6A, 00, FF, 35, E4, 9D, 42, 00, FF, 15, 50, 11, 42, 00, A1, D8, 9D, 42, 00, 8B, 15, DC, 9D, 42, 00, 8D, 04, 80, C1, E0, 02, 8B, C8, A1, D4, 9D, 42, 00, 2B, C8, 8D, 4C, 11...
 
[+]

Entropy:
7.9983  (probably packed)

Code size:
128 KB (131,072 bytes)

The file kyo_loader_126a_upgrade.exe has been seen being distributed by the following URL.

http://dl.kyofun.com/.../KYO_Loader_126a_upgrade.exe

Scan kyo_loader_126a_upgrade.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.