qkdup.exe

Jinnan Wu

The application qkdup.exe by Jinnan Wu has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Jinnan Wu  (signed and verified)

MD5:
87a4d8021ec61cbbd979e5e71f5c3d29

SHA-1:
b8fdb22adf03bb8a0068a0b5f0d7aecf335eaed1

SHA-256:
fee86df5886e4f4ddabd21feaa1ddf81a13c96db4f4570c671ee1f0b632753a8

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 12:32:47 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Elex.Qksee (M)
16.6.30.19

File size:
360.6 KB (369,304 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\qksee\qkdup.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
1/18/2016 1:00:00 AM

Valid to:
1/18/2017 12:59:59 AM

Subject:
CN=Jinnan Wu, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
18229C0F3250464B242D5DD76615C1EC

File PE Metadata
Compilation timestamp:
4/8/2016 11:07:53 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:vdkCf7Up35jxV67Bi2b1Fw9VCuceXFrsWVEP62R9XFAYq5GmYzvaeSu2ERq:1kCfAVDoTw9VCuceXFrsWVEP62k5

Entry address:
0x19DFB

Entry point:
61, 57, 35, 6E, 49, 47, 4E, 6F, 59, 57, 35, 75, 5A, 57, 77, 36, 63, 33, 52, 68, 59, 6D, 78, 6C, 45, 50, 67, 46, 47, 4E, 47, 46, 79, 67, 45, 67, 30, 59, 58, 4B, 41, 55, 6F, 51, 43, 67, 78, 45, 5A, 57, 5A, 68, 64, 57, 78, 30, 52, 33, 4A, 76, 64, 58, 41, 51, 41, 46, 49, 4D, 45, 67, 51, 79, 4E, 79, 34, 71, 49, 41, 4D, 6F, 41, 43, 67, 42, 45, 70, 38, 4F, 43, 67, 39, 4A, 62, 6E, 4E, 30, 59, 57, 35, 30, 52, 58, 68, 30, 5A, 57, 35, 6B, 5A, 57, 51, 59, 67, 50, 66, 53, 6D, 51, 55, 34, 41, 55, 49, 4D, 52, 47, 56, 6D...
 
[+]

Code size:
186.5 KB (190,976 bytes)

Remove qkdup.exe - Powered by Reason Core Security