The KLSetup exe (KLauncher Installer) KLauncher LLC File Malware Analysis

The KLSetup.exe (KLauncher Installer) File Analysis

Updated 1 year ago

Checked by Malware Check

KLSetup.exe

Hash Type	Value	Action
MD5	7a6436629a7b09b2213589bc671d3432
SHA1	c27069f89a57acea72a1346949406eb7f94cfa52
SHA256	bdcd9f5eec736e493ead3ad3a6ea517e4ec3a6525819f6e3761af02828089d5f
SHA512	71d60f2d4dcf1d92cf5be5eefdab7584ea4bdd9c4bea545bf47749a5b6ad7a4145e3306587447e2a243cfac24f3242a09a20309155a99a7440ec130154457f12
ImpHash	90c21f135449bd1cda688e778dfc3272

Hash Type

Value

Action

MD5

7a6436629a7b09b2213589bc671d3432

SHA1

c27069f89a57acea72a1346949406eb7f94cfa52

SHA256

bdcd9f5eec736e493ead3ad3a6ea517e4ec3a6525819f6e3761af02828089d5f

SHA512

71d60f2d4dcf1d92cf5be5eefdab7584ea4bdd9c4bea545bf47749a5b6ad7a4145e3306587447e2a243cfac24f3242a09a20309155a99a7440ec130154457f12

ImpHash

90c21f135449bd1cda688e778dfc3272

PE Analysis

Basic Information

▼

Icon	Hash: ac879b075c3226cd51709ab53701f18a Fuzzy: 1408c9af7820455d2131baaca73933a4 dHash: 04269a4c0c1aa5d8
Image Base	`0x00400000`
Entry Point	`0x0040240c`
Compilation Time	2023-09-29 21:09:04
Checksum	0x00830570 (Actual: 0x00830570)
OS Version	6.0
PEiD Signatures	`PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows`
Digital Signature	OK
Imports	12 libraries
Exports	9 functions
Resources	62 Resources
Sections	9 Sections

Version Information

▼

CompanyName	KLauncher LLC
FileDescription	KLauncher Installer
FileVersion	1.3.3.7
InternalName	KLSetup
LegalCopyright	@ KLauncher LLC
OriginalFilename	KLSetup
ProgramID	com.klauncher.KLInstaller
ProductName	KLauncher Installer
ProductVersion	1.3.3.7
Translation	0x0419 0x04e3

PE Sections

▼

Name	Virtual Address	Virtual Size	Raw Size	Entropy	Characteristics	MD5
`.text`	`0x00001000`	3,538,944 bytes	3,536,896 bytes	6.50 (Compressed)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ`	`26F51827301809753FA42F0B25DD4477`
`.data`	`0x00361000`	159,744 bytes	74,240 bytes	6.03 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`61917555154156358AA31AF5E820AF1F`
`.tls`	`0x00388000`	4,096 bytes	1,024 bytes	0.03 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`91CCB28EB66F40FB9808FD088DA27BA6`
`.rdata`	`0x00389000`	4,096 bytes	512 bytes	0.21 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_SHARED\|IMAGE_SCN_MEM_READ`	`DAF11C48D2E2A9B6D00DC744E1F90270`
`.idata`	`0x0038a000`	16,384 bytes	15,360 bytes	5.24 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`3978DCE25FE4D9B05471108C508A5E26`
`.didata`	`0x0038e000`	4,096 bytes	3,584 bytes	4.69 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`5471E7C1C62F3118FC6BFCC410DCC46F`
`.edata`	`0x0038f000`	4,096 bytes	512 bytes	3.54 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`2FB89AC1817E00E9A2CC98644631315B`
`.rsrc`	`0x00390000`	4,644,864 bytes	4,641,280 bytes	6.96 (Compressed)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`0EB4B24376A6E2B85378BAD4797F369D`
`.reloc`	`0x007fe000`	290,816 bytes	290,304 bytes	6.74 (Compressed)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_SHARED\|IMAGE_SCN_MEM_READ`	`6EF8F79EF5CDEDBC7E5A1B42EC866382`

Entropy Analysis Alert

3 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

▼

Total Resources: 62 (4,637,684 bytes)

Resource Type	Count	Total Size	Percentage
RT_CURSOR	7	2,156 bytes	0%
RT_ICON	1	67,624 bytes	1.5%
RT_STRING	34	35,620 bytes	0.8%
RT_RCDATA	10	4,529,845 bytes	97.7%
RT_GROUP_CURSOR	7	140 bytes	0%
RT_GROUP_ICON	1	20 bytes	0%
RT_VERSION	1	784 bytes	0%
RT_MANIFEST	1	1,495 bytes	0%

Certificate Chain Analysis

▼

Certificate Information

Product	KLauncher Installer
Description	KLauncher Installer
File Version	1.3.3.7
Original Name	KLSetup
Signing Date	09:09 PM 09/29/2023 (809 days ago)
Verification Status	Signed
Signers	KLAUNCHER LLC; GlobalSign GCC R45 EV CodeSigning CA 2020; GlobalSign Code Signing Root R45
Counter Signers	Globalsign TSA for CodeSign1 - R6; GlobalSign Timestamping CA - SHA384 - G4; GlobalSign Root CA - R6
Internal Name	KLSetup
Copyright	@ KLauncher LLC

Certificate Chain Summary

GlobalSign #1 Primary

Validity Period: 2018-09-19 00:00:00 → 2028-01-28 12:00:00

Signature Algorithm: sha256RSA

Serial Number: 01 EE 5F 16 9D FF 97 35 2B 64 65 D6 6A

GlobalSign Code Signing Root R45 #2 Chain

Validity Period: 2020-07-28 00:00:00 → 2029-03-18 00:00:00

Signature Algorithm: sha384RSA

Serial Number: 78 03 18 42 45 70 8A 41 CF 6F 01 B8 EE B4 A9 54

GlobalSign GCC R45 EV CodeSigning CA 2020 #3 Chain

Validity Period: 2020-07-28 00:00:00 → 2030-07-28 00:00:00

Signature Algorithm: sha256RSA

Serial Number: 77 BD 0E 05 B7 59 0B B6 1D 47 61 53 1E 3F 75 ED

KLAUNCHER LLC #4 Chain

Validity Period: 2022-11-29 12:56:58 → 2023-08-30 11:15:39

Signature Algorithm: sha256RSA

Serial Number: 73 62 0A F2 F1 58 00 BB 34 B1 40 FD

Globalsign TSA for CodeSign1 - R6 #5 Chain

Validity Period: 2022-04-06 07:45:38 → 2033-05-08 07:45:38

Signature Algorithm: sha256RSA

Serial Number: 01 B2 8B D4 CF EE EE 0D BE D0 B3 0D 9B F8 43 6A

GlobalSign Timestamping CA - SHA384 - G4 #6 Chain

Validity Period: 2018-06-20 00:00:00 → 2034-12-10 00:00:00

Signature Algorithm: sha384RSA

Serial Number: 01 EC 1C 92 40 DE FD 2E 40 5D 7C 47 74

GlobalSign #7 Chain

Validity Period: 2014-12-10 00:00:00 → 2034-12-10 00:00:00

Signature Algorithm: sha384RSA

Serial Number: 45 E6 BB 03 83 33 C3 85 65 48 E6 FF 45 51

KLAUNCHER LLC #8 Chain

Validity Period: 2023-08-29 12:46:49 → 2024-09-29 11:15:39

Signature Algorithm: sha256RSA

Serial Number: 49 40 5F 78 A7 D8 3F 07 20 D0 04 9B

✓ This file has been digitally signed and the certificate chain has been verified

The signature ensures file integrity and authenticity from the publisher
Timestamping proves when the signature was applied

File Name	KLSetup.exe
File Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
Scanner Version	1.0.176.174
Database Version	2024-05-16 17:00:14 UTC

The KLSetup.exe (KLauncher Installer) File Analysis

Technical Analysis

Clean File

Scan Another File

File Identification

PE Analysis

Basic Information

Version Information

PE Sections

Entropy Analysis Alert

Resource Analysis

Certificate Chain Analysis

Certificate Information

Certificate Chain Summary

Certificate Verification Status

Remember: This is Result of Online Virus Scanner

Keep Your System Protected

Leave a Comment

Gridinsoft Anti-Malware