duc30.exe

Vitalwerks Internet Solutions

This file is installed with multiple programs including No-IP.com DUC (remove only) and No-IP DUC.
Publisher:
Vitalwerks Internet Solutions  (signed and verified)

MD5:
29ef3e76e183da688c3737c21fcf2f3b

SHA-1:
9776da8ea1302d7289eab6dbea6a165fdaf9c53f

SHA-256:
ff7054130cdabd9a3289cee98d310fccad64ba15bb297b030244ad469f8df804

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/27/2024 7:18:49 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.Clod9ea.Trojan
1.3.0.4562

File size:
1.4 MB (1,423,520 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\no-ip\duc30.exe

Digital Signature
Authority:
VeriSign, Inc.

Subject:
CN=Vitalwerks Internet Solutions, OU=No-IP.com, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Vitalwerks Internet Solutions, L=Reno, S=Nevada, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
54507FB2DFB683B3B3A2EC0EBCA77A53

File PE Metadata
OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:mcf5WM9cLV+xrq2O/6UxOBaq3IaKJOKH9jQiuABx0jX6gZbgHHs8z8/k:jBUr6YLdiWhgZMHHsOgk

Entry address:
0x10C678

Entry point:
55, 8B, EC, 83, C4, E8, 53, 56, 33, C0, 89, 45, E8, 89, 45, EC, B8, A0, 99, 50, 00, E8, B2, A8, EF, FF, 33, C0, 55, 68, 7F, C8, 50, 00, 64, FF, 30, 64, 89, 20, E8, 4F, 6D, EF, FF, E8, 8A, 6C, EF, FF, 85, C0, 7E, 51, 8D, 55, EC, B8, 01, 00, 00, 00, E8, D9, 6C, EF, FF, 8B, 45, EC, BA, 98, C8, 50, 00, E8, 7C, 8A, EF, FF, 75, 35, A1, A8, 26, 51, 00, 8B, 00, 8B, 10, FF, 52, 34, 8B, 0D, 60, 24, 51, 00, A1, A8, 26, 51, 00, 8B, 00, 8B, 15, 14, 8E, 50, 00, 8B, 18, FF, 53, 30, A1, A8, 26, 51, 00, 8B, 00, 8B, 10, FF...
 
[+]

Entropy:
6.6859

Developed / compiled with:
Microsoft Visual C++

Code size:
1 MB (1,092,608 bytes)

User Start Menu Item
Name:
duc30.exe


The file duc30.exe has been discovered within the following programs.

No-IP DUC  by Vitalwerks Internet Solutions LLC
Publisher's description - “No-IP has been offering the best and most affordable Managed DNS solutions. Our robust Anycast Network with points of presence in 11 different world class facilities across the globe guarantees our 100% Uptime, because let's face it, there are no upsides to downtime.”
www.no-ip.com
About 8% of users remove it
No-IP.com DUC (remove only)  by Vitalwerks & No-IP.com
About 1% of users remove it
 
Powered by Should I Remove It?

Scan duc30.exe - Powered by Reason Core Security