home

youkudesktop.exe

优酷

合一网络技术(北京)有限公司

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘iKu’.
Publisher:
youku.com  (signed by 合一网络技术(北京)有限公司)

Product:
优酷

Version:
7.1.6.2161

MD5:
404d8e1ceab89bccadcb75e8cc305104

SHA-1:
311a3163188cc04aa13a7dd3894eacb0405313c0

SHA-256:
76f5627a1867443bf6817b23c4e5becebed83b1996322c3d041c3cb2a9562378

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 6:15:20 PM UTC  (today)

File size:
3.6 MB (3,805,224 bytes)

Product version:
7.1.6.2161

Copyright:
Copyright(c)2017 优酷 youku.com 版权所有

Original file name:
iKuDesktop.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\youku\youkuclient\youkudesktop.exe

Digital Signature
Signed by:
合一网络技术(北京)有限公司

Authority:
WoSign CA Limited

Valid from:
4/6/2016 11:19:28 AM

Valid to:
1/6/2018 11:19:28 AM

Subject:
CN=合一网络技术(北京)有限公司, O=合一网络技术(北京)有限公司, L=北京市, S=北京市, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
60BC17A063D109A90EF3616B5F10533D

File PE Metadata
Compilation timestamp:
2/16/2017 3:23:27 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x15D50F

Entry point:
00, 77, 00, 69, 00, 6E, 00, 6D, 00, 6D, 00, 2E, 00, 64, 00, 6C, 00, 6C, 00, 00, 00, 48, 00, 0A, 01, 02, 00, 01, C0, 8A, 00, 0A, 03, 58, 0F, 00, 00, 84, 0E, 00, 00, EF, C2, 1C, 09, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 19, 6C, 00, 30, 01, 00, 84, 0E, 00, 00, 64, FD, 01, 00, 94, D9, 5B, 4A, 00, 00, 00, 00, 00, 00, 19, 6C, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 5C, 00, 57, 00, 69, 00, 6E, 00, 64, 00, 6F, 00, 77, 00, 73, 00, 5C, 00, 53, 00, 79, 00, 73, 00, 74, 00, 65...
 
[+]

Entropy:
6.3006

Code size:
2.5 MB (2,592,256 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
iKu

Command:
"C:\Program Files\youku\youkuclient\youkudesktop.exe" ikC:\|reg|


Scan youkudesktop.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.