uibia.exe

ZhongXiang ZhiXing Network Service Co., Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Uibia’.
Publisher:

MD5:
55827cd6a44771ecc5828952e97494eb

SHA-1:
5a81bbef9c394c2afcab53c8517d75bacb9834f7

SHA-256:
826e861a626e4994639dc753e2fe22b205d63f6289dab4f4f61b0b04997073b3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 6:36:00 PM UTC  (today)

File size:
2.3 MB (2,393,584 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\uibia\uibia.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/31/2012 8:00:00 AM

Valid to:
8/31/2013 7:59:59 AM

Subject:
CN="ZhongXiang ZhiXing Network Service Co., Ltd.", OU=Software Department, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="ZhongXiang ZhiXing Network Service Co., Ltd.", L=ZhongXiang, S=HuBei, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
51F9220230FFAD7ECF5F6730207A8C85

File PE Metadata
Compilation timestamp:
6/20/1992 6:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:6h4Rt6E8gvOve+UGRl8ghq/OfCGgyPpHngrieM:6yWE8l8MDgf1M

Entry address:
0x1645DC

Entry point:
55, 8B, EC, 83, C4, F0, B8, 74, 3F, 56, 00, E8, 20, 22, EA, FF, 68, 78, 46, 56, 00, 68, 84, 46, 56, 00, E8, 81, 2C, EA, FF, 85, C0, 76, 11, 6A, 00, 6A, 00, 68, 00, 14, 00, 00, 50, E8, 4E, 2F, EA, FF, EB, 60, A1, E8, BE, 56, 00, 8B, 00, E8, A0, 2D, F2, FF, 8B, 0D, 38, BB, 56, 00, A1, E8, BE, 56, 00, 8B, 00, 8B, 15, 1C, EC, 55, 00, E8, A0, 2D, F2, FF, 8B, 0D, E4, BD, 56, 00, A1, E8, BE, 56, 00, 8B, 00, 8B, 15, 8C, 65, 51, 00, E8, 88, 2D, F2, FF, 8B, 0D, EC, BC, 56, 00, A1, E8, BE, 56, 00, 8B, 00, 8B, 15, 68...
 
[+]

Entropy:
6.8501

Developed / compiled with:
Microsoft Visual C++

Code size:
1.4 MB (1,456,128 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Uibia

Command:
"C:\Program Files\uibia\uibia.exe" \start


Scan uibia.exe - Powered by Reason Core Security