home

u.zip

MD5:
d2bd1d407cc00aaf944e718036d5dd7c

SHA-1:
6a963e6f07f80b2120447c86565a3c705a5c6474

SHA-256:
6d5fe69d08996c7a9a6be3186630fd500c915ca3d25e330fccfbc76d71914984

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/6/2024 8:23:52 AM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
Hacktool.Win32.UltraReach
4.0.3.15829

ESET NOD32
Win32/UltraReach potentially unsafe (variant)
9.12169

Fortinet FortiGate
Riskware/UltraReach
8/29/2015

File size:
1.9 MB (1,981,655 bytes)

Common path:
C:\users\{user}\downloads\u.zip

The file u.zip has been seen being distributed by the following 3 URLs.

http://113.171.224.169/.../u.zip?ich_u_r_i=0f4e3f1369c3bc231838b8f70be0e67e&ich_s_t_a_r_t=0&ich_e_n_d=0&ich_k_e_y=1545078928751263302436&ich_t_y_p_e=1&ich_d_i_s_k_i_d=2&ich_u_n_i_t=1

https://s3.amazonaws.com/.../u.zip

http://ultrasurf.us/.../u.zip

Scan u.zip - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.