» ucp.exe
Overview
Analysis
File Details

ucp.exe

Ultra Core Protector

The application ucp.exe by Ultra Core Protector has been detected as a potentially unwanted program by 9 anti-malware scanners. This particular feature is designed to hijack the browser in an attempt to prevent other resources from modify the browser's search and home pages.

File name:

ucp.exe

Publisher:

Ultra Core Protector (signed and verified)

Product:

Ultra Core Protector

Version:

6.9

MD5:

582286b3b2daa8a48d41d782ade90386

SHA-1:

464cc197b01e614b317e07d7ecaa7e6ed17a5914

SHA-256:

fb9bab51016e5d80adf93cca989d53ce56bedc9ab99c66af840dd772e9711372

Scanner detections:

9 / 68

Status:

Potentially unwanted

Analysis date:

11/15/2024 6:34:50 AM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Adware.Win32.SearchProtect

4.0.3.16214

Bkav FE

HW32.Packed

1.3.0.7237

F-Prot

W32/Virut.AI!Generic

v6.4.7.1.166

IKARUS anti.virus

Win32.Heur

t3scan.1.9.5.0

Kaspersky

not-a-virus:HEUR:AdWare.Win32.SearchProtect

14.0.0.662

Reason Heuristics

PUP.UltraCoreProtector (M)

16.2.14.14

Trend Micro House Call

TROJ_GEN.F47V1105

7.2.45

Vba32 AntiVirus

BScope.Trojan.Diple

3.12.22.2

ViRobot

Trojan.Win32.S.Agent.812680[h]

2014.3.20.0

File size:

589.2 KB (603,304 bytes)

Product version:

6.9.0.0

Original file name:

ucp.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\hl2 deathmatch v23 - xbit project\ucp.exe

Digital Signature

Signed by:

Ultra Core Protector

Authority:

Ultra Core Protector

Valid from:

6/13/2011 6:46:50 AM

Valid to:

1/1/2040 3:59:59 AM

Subject:

CN=Endi, OU=http://ucp-anticheat.org, E=support@ucp-anticheat.org, O=Ultra Core Protector, C=RU

Issuer:

CN=Endi, OU=http://ucp-anticheat.org, E=support@ucp-anticheat.org, O=Ultra Core Protector, C=RU

Serial number:

0F59E490B94F50A141A65A6F99721A6E

File PE Metadata

Compilation timestamp:

6/13/2011 6:41:36 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.12

CTPH (ssdeep):

12288:rCmn0TeMMnw1Za9mEWd8taPwYByj5WgkIa3s4B4M4GRgxMqit1dn92G0l:f06NK8tnYBg54Ia3V2M4Gexi929

Entry address:

0x343EBA7

Entry point:

68, 78, A9, 83, 3B, 88, 2C, 24, 60, C7, 44, 24, 20, 65, A0, 16, B5, E9, C5, E7, FF, FF, 19, 40, EE, A6, 69, 1D, 1B, FF, D2, 8B, AA, 7F, F2, AD, 26, C7, E4, B6, 18, 65, 5E, 7F, 71, 8E, D4, 2A, B3, 0A, 5F, F8, EE, 96, 74, 10, E7, 03, 80, 63, FC, 81, 52, 99, C8, E7, 8C, 8A, 98, 55, 5D, 44, 94, 5F, 12, 8A, CC, 6D, B7, 50, 0B, E8, F5, 9A, 5F, 55, AF, 26, CB, 55, 1E, 25, 78, 71, 8E, 9F, DB, 3B, C3, FF, EE, 96, 30, 92, 99, 7A, 94, DF, D0, 8D, 38, F9, EB, 64, E3, C2, 56, E3, 57, BC, 5B, E9, F2, A1, 69, 1D, 07, 03... 
[+]

Code size:

52.3 MB (54,795,776 bytes)

Remove ucp.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.