qkseesvc.exe

Jinnan Wu

The application qkseesvc.exe by Jinnan Wu has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Jinnan Wu  (signed and verified)

Version:
5.0.0.0

MD5:
b87f30d04ab64d69e7c1da7e3ad8d440

SHA-1:
9b7b0bcd287d58037a5e3dae6f4a1a09cac430a6

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/27/2024 4:30:10 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Elex (M)
16.9.20.11

File size:
1.9 MB (2,023,571 bytes)

Product version:
5.0.0.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\tools\qksee\qkseesvc.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
9/18/2016 5:00:00 PM

Valid to:
1/17/2017 3:59:59 PM

Subject:
CN=Jinnan Wu, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
52064AE99FEB7C10A0A4F51CF527B2FC

File PE Metadata
Compilation timestamp:
9/19/2016 6:56:08 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:cJ+ohBBhzxMWkz7hv6NE5/kEDr59TByiP6kn:cHXD1qdrHTByiP6i

Entry address:
0x6B94C

Entry point:
60, E8, 00, 00, 00, 00, 5B, 81, EB, D0, 48, E6, 02, 83, EC, 74, 8B, EC, 8B, 83, AB, 4B, E6, 02, 89, 45, 00, 8B, 83, B3, 4B, E6, 02, 03, 45, 00, 89, 45, 2C, 8B, 83, B7, 4B, E6, 02, 03, 45, 00, 89, 45, 30, C7, 45, 14, 00, 00, 00, 00, C7, 45, 18, 00, 00, 00, 00, C7, 45, 1C, 00, 00, 00, 00, 8B, 45, 14, FF, 45, 14, 66, 33, C9, 8A, 8C, 03, FF, 4B, E6, 02, 84, C9, 74, 7A, 8B, 45, 1C, 66, 01, 4D, 1C, 03, C3, 05, 13, 4C, E6, 02, 50, 8B, 45, 2C, FF, 10, 85, C0, 0F, 84, 5E, 02, 00, 00, 89, 45, 10, 8B, 45, 1C, 03, C3...
 
[+]

Entropy:
3.4135

Packer / compiler:
ASPack v1.08.04

Code size:
552 KB (565,248 bytes)

Remove qkseesvc.exe - Powered by Reason Core Security