home

malware96

UltraDefrag GUI interface

Meicun Ge

The file malware96 by Meicun Ge has been detected as a potentially unwanted program by 2 anti-malware scanners.
Publisher:
UltraDefrag Development Team  (signed by Meicun Ge)

Product:
UltraDefrag GUI interface

Version:
6.0.4.0

MD5:
fa0286da668daaa0fffc80efea214685

SHA-1:
3fb3a09f16a4cfdca508911ba7f3a0a6193b4ff5

SHA-256:
a2de45b01cfc60ab1c586526dd5cba381181ea353aef94589a16a37290f16312

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
12/5/2024 12:50:57 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.MeicunGe (M)
16.1.13.20

Sophos
Mal/Agent-ARC
4.98

File size:
366.2 KB (375,000 bytes)

Product version:
6.0.4.0

Copyright:
Copyright (C) 2007-2013 UltraDefrag Development Team

Language:
Language Neutral

Digital Signature
Signed by:
Meicun Ge

Authority:
Unizeto Technologies S.A.

Valid from:
9/8/2014 9:49:43 AM

Valid to:
9/8/2015 9:49:43 AM

Subject:
E=meicunge@gmail.com, CN="Open Source Developer, meicun ge", O=Meicun Ge, C=CN

Issuer:
CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
4FC13D6220C629043A26F81B1CAD72D8

File PE Metadata
Compilation timestamp:
3/27/2015 1:54:59 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:LgW0i5HAOYGYboi+QC46CRjXW/jBWWEuXLsrqHV6/HjYGoi:0UOnGYboi+QC2RjXJuceWHjWi

Entry address:
0x73E80

Entry point:
E9, 40, 09, 02, 00, 68, 6B, A7, 9A, 41, AC, 66, C7, 04, 24, F4, BC, E9, A5, 79, 04, 00, A4, 18, 06, BD, 62, 81, 52, 0D, 1E, AF, B9, 16, 7C, 9B, 45, EA, 25, E4, F0, ED, F9, 94, CC, A0, A1, CD, 19, 8C, 50, D5, C4, A0, E1, 70, 71, 09, 1D, 5E, 10, 0E, 1C, C3, EF, FD, EE, 6E, 8C, E8, 95, 11, 32, E4, A7, B5, 6A, 55, D4, 7A, EF, 90, D3, C0, D3, 73, 67, 70, 5E, 3F, AE, BF, B1, 7F, 53, DD, 54, A9, DA, 09, DA, DB, EA, D7, 59, C8, 25, 0A, 83, E3, 26, 28, B4, 2C, B0, 79, 35, 9D, 59, 40, BC, DC, 52, 13, 7A, 0B, 52, 2A...
 
[+]

Packer / compiler:
Xtreme-Protector v1.05

Code size:
190.5 KB (195,072 bytes)

Remove malware96 - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.