» ucp.exe
Overview
Analysis
File Details
Behaviors (1)

ucp.exe

Ultra Core Protector

The executable ucp.exe has been detected as malware by 1 anti-virus scanner.

File name:

ucp.exe

Publisher:

Ultra Core Protector (signed and verified)

Product:

Ultra Core Protector

Version:

6.7

MD5:

1ccd6ebd1fa44ae69a52eafa4929b096

SHA-1:

701cc66968e3dc45efe89d75afd46d7bcdf7e086

SHA-256:

985ec5e9e64a874c7e10e4fa54777c0d8ad1bcf69809fe98e03e883d7c569793

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

11/30/2024 10:24:24 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

16.9.4.6

File size:

588.2 KB (602,280 bytes)

Product version:

6.7.0.0

Original file name:

ucp.exe

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

Ultra Core Protector

Authority:

Ultra Core Protector

Valid from:

7/2/2010 8:20:34 PM

Valid to:

1/1/2040 2:59:59 AM

Subject:

CN=Endi, OU=http://ucp-anticheat.org, E=support@ucp-anticheat.org, O=Ultra Core Protector, C=RU

Issuer:

CN=Endi, OU=http://ucp-anticheat.org, E=support@ucp-anticheat.org, O=Ultra Core Protector, C=RU

Serial number:

D042281A9BEBA8A747DC1E5650531704

File PE Metadata

Compilation timestamp:

3/24/2011 3:25:40 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.12

CTPH (ssdeep):

12288:kCsKgyTbYFrndTh3Fb9XHhcqmP/Ln0v75m8cbTPEQCafX4bdcRtiVr:4jbLVhhHm/K5G8Q1fVXix

Entry address:

0x33B75B1

Entry point:

60, 68, A1, 90, 12, 98, E9, 6F, 43, 00, 00, C7, 44, 24, 04, 1A, F1, 60, 59, 9C, E8, 0D, EF, FF, FF, 3C, 09, E9, 90, 84, 08, 00, C6, 04, 24, AD, 8D, 64, 24, 04, 0F, 87, 75, E9, FF, FF, 66, 39, FF, D0, E8, D2, C8, 29, FB, 9C, 66, 81, E7, 49, 93, 8D, 64, 24, 04, 01, E3, 0F, BD, FF, 89, DF, 0F, 99, C0, B0, 2E, 84, F6, F2, AE, E8, B9, 17, 00, 00, 88, 24, 24, 8D, 64, 24, 2C, 0F, 82, 17, 36, 00, 00, 60, 83, F9, 0A, 66, 0F, C8, 66, 0F, C8, 0F, 9B, C4, E9, 73, 01, 00, 00, 0F, 00, 4C, 24, 00, E8, 1E, 37, 07, 00, 88... 
[+]

Code size:

52.3 MB (54,794,752 bytes)

Windows Firewall Allowed Program

Name:

ultra core protector

Remove ucp.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.