» cktSvc.exe
Overview
Analysis
File Details
Behaviors (1)

cktSvc.exe

Uncheckit Module

EVANGEL TECHNOLOGY(HK) LIMITED

The application cktSvc.exe by EVANGEL TECHNOLOGY(HK) LIMITED has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a scheduled task under the Windows Task Scheduler named UncheckitTaskMN triggered daily at a specified time.

File name:

cktSvc.exe

Publisher:

EVANGEL TECHNOLOGY (HK) LIMITED (signed by EVANGEL TECHNOLOGY(HK) LIMITED)

Product:

Uncheckit Module

Description:

uncheckit svc

Version:

2.1.2.25888

MD5:

49a907e2453f71d8622af04d02325711

SHA-1:

c4f9130bd88fe2ae9b925f12af9ee58b0c385700

SHA-256:

4431e62f26682995cab6a63b2e030e16f50f81badaddc8a637722a125598be11

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/5/2024 10:09:36 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Evangel (M)

16.11.10.9

File size:

308.3 KB (315,648 bytes)

Product version:

2.1.2.25888

Original file name:

cktSvc.exe

File type:

Executable application (Win32 EXE)

Language:

English

Common path:

C:\Program Files\uncheckit\cktsvc.exe

Digital Signature

Signed by:

EVANGEL TECHNOLOGY(HK) LIMITED

Authority:

GlobalSign nv-sa

Valid from:

7/18/2016 5:52:58 AM

Valid to:

11/26/2016 10:27:12 AM

Subject:

CN=EVANGEL TECHNOLOGY(HK) LIMITED, O=EVANGEL TECHNOLOGY(HK) LIMITED, L=香港, S=香港, C=HK

Issuer:

CN=GlobalSign CodeSigning CA - G3, O=GlobalSign nv-sa, C=BE

Serial number:

74DBE83082E1B3DFA29F9C24

File PE Metadata

Compilation timestamp:

7/25/2016 8:54:43 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

6144:v/gf3P+CdARsYk60TENlQ5EhH5F5km+/gf3P+K:v4fW+pYk9E3hK4fWK

Entry address:

0x22925

Entry point:

E8, E7, 04, 00, 00, E9, 4C, FE, FF, FF, CC, FF, 25, 54, 73, 42, 00, 55, 8B, EC, FF, 15, 2C, 71, 42, 00, 6A, 01, A3, 64, BE, 43, 00, E8, D3, 05, 00, 00, FF, 75, 08, E8, D1, 05, 00, 00, 83, 3D, 64, BE, 43, 00, 00, 59, 59, 75, 08, 6A, 01, E8, B9, 05, 00, 00, 59, 68, 09, 04, 00, C0, E8, BA, 05, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 3D, 19, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 48, BC, 43, 00, 89, 0D, 44, BC, 43, 00, 89, 15, 40, BC, 43, 00, 89, 1D, 3C, BC, 43, 00, 89, 35... 
[+]

Code size:

152 KB (155,648 bytes)

Scheduled Task

Task name:

UncheckitTaskMN

Trigger:

Daily (Runs daily at 12:10)

Description:

Uncheckit Update Task

Remove cktSvc.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.