home

browser.exe

CocCoc

Coc Coc Co., Ltd.

The executable browser.exe has been detected as malware by 2 anti-virus scanners. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘uzzbciuddkbc’.
Publisher:
Coc Coc Co., Ltd.

Product:
CocCoc

Version:
55.4.2883.114

MD5:
65babd30dc60d05ab19fa935ac62f8fd

SHA-1:
1e675c916c568bb5f6a4c533285b728f8788a91f

SHA-256:
55108f636c28d3d37b798c1c11b93ee32e602fef82119460e2147224b67569ce

Scanner detections:
2 / 68

Status:
Malware

Analysis date:
4/1/2025 8:16:21 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Agent.YQV trojan
6.3.12010.0

F-Secure
Variant.Graftor.346072
5.16.24

File size:
364.5 KB (373,248 bytes)

Product version:
55.4.2883.114

Copyright:
Copyright (C) 2012-2016 Coc Coc Co., Ltd. All Rights Reserved.

Original file name:
browser.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\uzzbciuddkbc\browser.exe

File PE Metadata
Compilation timestamp:
2/19/2017 2:29:37 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

Entry address:
0x20A9C

Entry point:
E8, 6D, 05, 00, 00, E9, 69, FE, FF, FF, 3B, 0D, 14, B9, 45, 00, F2, 75, 02, F2, C3, F2, E9, FC, 06, 00, 00, FF, 25, 94, 33, 42, 00, 55, 8B, EC, 83, 61, 04, 00, 83, 61, 08, 00, 8B, 45, 08, 89, 41, 04, 8B, C1, C7, 01, F8, 38, 42, 00, 5D, C2, 04, 00, 55, 8B, EC, 56, FF, 75, 08, 8B, F1, E8, 98, 4A, FF, FF, C7, 06, F8, 38, 42, 00, 8B, C6, 5E, 5D, C2, 04, 00, 83, 61, 04, 00, 8B, C1, 83, 61, 08, 00, C7, 41, 04, 00, 39, 42, 00, C7, 01, F8, 38, 42, 00, C3, 55, 8B, EC, 56, FF, 75, 08, 8B, F1, E8, 65, 4A, FF, FF, C7...
 
[+]

Entropy:
6.7706

Code size:
134.5 KB (137,728 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
uzzbciuddkbc

Command:
"C:\ProgramData\uzzbciuddkbc\browser.exe" herzqayfijohvg


Remove browser.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.