» ubi1ca5.tmp.exe
Overview
Analysis
File Details
Programs (3)
Downloads (2)

ubi1ca5.tmp.exe

InstallShield

Ubisoft Entertainment

This is a self-extracting archive and installer. This is installed with multiple programs including Ubisoft Game Launcher and Tom Clancy's H.A.W.X. 2. The file has been seen being downloaded from static3.cdn.ubi.com and multiple other hosts.

File name:

ubi1ca5.tmp.exe

Publisher:

Acresso Software Inc. (signed by Ubisoft Entertainment)

Product:

InstallShield

Description:

Setup.exe

Version:

15.0.498

MD5:

c002cf16260135dd86a88df145e6427b

SHA-1:

9d33ca397eb07d94d9cd2358e684e124ea43f551

SHA-256:

e3e2b1f557992093dadb836df0350a5632de551d952f1f9fbda75fa4698e21d5

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

1/13/2025 7:35:13 PM UTC (today)

File size:

72.1 MB (75,587,768 bytes)

Product version:

15.0

Original file name:

Setup.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\ubi1ca5.tmp.exe

Digital Signature

Signed by:

Ubisoft Entertainment

Authority:

VeriSign, Inc.

Valid from:

12/16/2009 1:00:00 AM

Valid to:

12/17/2010 12:59:59 AM

Subject:

CN=Ubisoft Entertainment, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Ubisoft Entertainment, L=MONTREUIL, S=Seine St Denis, C=FR

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

3DA716445C2B4B71B42E7118131B1DAB

File PE Metadata

Compilation timestamp:

5/10/2008 5:39:06 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

1572864:A0aymDq/koRvx/XBj+8Vtps4DxIIFVoEdv3XFjeok+NYFFc6AXrp:APD4k8vxR+8Vvp7VTh3XVeokAYFO6kV

Entry address:

0x21EE4

Entry point:

55, 8B, EC, 6A, FF, 68, F0, A2, 44, 00, 68, 60, 49, 42, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, FC, 92, 44, 00, 33, D2, 8A, D4, 89, 15, D0, 8B, 45, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, CC, 8B, 45, 00, C1, E1, 08, 03, CA, 89, 0D, C8, 8B, 45, 00, C1, E8, 10, A3, C4, 8B, 45, 00, 6A, 01, E8, A4, 17, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 98, 14, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75... 
[+]

Entropy:

7.9942

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

288 KB (294,912 bytes)

The file ubi1ca5.tmp.exe has been discovered within the following programs.

Tom Clancy's H.A.W.X. 2 by Ubisoft

Publisher's description - “Aerial warfare has evolved. So have you. As a member of the ultra-secret HAWX 2 squadron, you are one of the chosen few. One of the truly elite.”

www.ubi.com/US/Games/Info.aspx?pId=8801

5% remove it

Ubisoft Game Launcher by Ubisoft

The Ubisoft Game Launcher used to run UBISOFT games.

www.ubi.com

22% remove it

Uplay by Ubisoft

Uplay is a digital distribution, digital rights management, multiplayer and communications service created by Ubisoft to provide an experience similar to the achievements/trophies offered by various other game companies.

4% remove it

The file ubi1ca5.tmp.exe has been seen being distributed by the following 2 URLs.

http://static3.cdn.ubi.com/.../hawx_2_emea_1.01.exe

http://download2us.softpedia.com/dl/bf21f48eb5355eadef81ffc149c127e1/5311762c/200078251/games/.../hawx_2_emea_1.01.exe

Scan ubi1ca5.tmp.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.