u1304.exe

Ultrareach Internet Corp.

The application u1304.exe by Ultrareach Internet has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This executable runs as a local area network (LAN) Internet proxy server listening on port 9666 and has the ability to intercept and modify all inbound and outbound Internet traffic on the local host.
Publisher:
Ultrareach Internet Corp.  (signed and verified)

MD5:
7c187d2a461041a03574eb7c1344a22d

SHA-1:
6ebcc796f0fc01884c8600b008098e24aa262292

SHA-256:
e505929bcae4af1632050c8628b5c21b4d2240c7b23b17c9f078ff6439105408

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 1:43:51 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic
17.3.15.20

File size:
1.9 MB (2,016,992 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
12/5/2012 9:33:59 PM

Valid to:
1/11/2016 3:34:39 PM

Subject:
CN=Ultrareach Internet Corp., O=Ultrareach Internet Corp., L=Cheyenne, S=WY, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121C51978F0ED636CA3C5B5C4D33D022C10

File PE Metadata
Compilation timestamp:
12/21/2013 8:05:31 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x822000

Entry point:
83, EC, 04, 50, 53, E8, 01, 00, 00, 00, CC, 58, 89, C3, 40, 2D, 00, B0, 0D, 00, 2D, FF, 91, 0A, 10, 05, F4, 91, 0A, 10, 80, 3B, CC, 75, 19, C6, 03, 00, BB, 00, 10, 00, 00, 68, 31, 36, 56, 02, 68, E1, 54, FC, 56, 53, 50, E8, 0A, 00, 00, 00, 83, C0, 00, 89, 44, 24, 08, 5B, 58, C3, 55, 89, E5, 50, 53, 51, 56, 8B, 75, 08, 8B, 4D, 0C, C1, E9, 02, 8B, 45, 10, 8B, 5D, 14, 85, C9, 74, 0A, 31, 06, 01, 1E, 83, C6, 04, 49, EB, F2, 5E, 59, 5B, 58, C9, C2, 10, 00, 97, 6F, 9B, E3, 4C, D6, 77, 52, B0, B5, 24, D7, 6D, 1A...
 
[+]

Code size:
932 KB (954,368 bytes)

Local Proxy Server
Proxy for:
Internet Settings

Local host address:
http://127.0.0.1:9666/

Local host port:
9666

Default credentials:
No


Remove u1304.exe - Powered by Reason Core Security