ultrasurf-15.04.exe

The application ultrasurf-15.04.exe has been detected as a potentially unwanted program by 5 anti-malware scanners. This is a setup program used to install the application. The file has been seen downloaded from www.stockclearhead.com and multiple other hosts.

MD5:
ec9ada5bd466b06fad955e57c90059fc

SHA-1:
a150c5f15b2f75b950e236bd828fb301fbd4e4d9

SHA-256:
864cdc71fb0026ba83403e6bb5ac1a19200b8642d9e30694fda9e16bcfe9e39f

Scanner detections:
5 / 68

Status:
Potentially unwanted

Analysis date:
11/6/2024 4:35:36 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Baidu Antivirus | Hacktool.Win32.UltraReach | 4.0.3.151222 |
| ESET NOD32 | Win32/UltraReach potentially unsafe application | 7.0.302.0 |
| McAfee | Artemis!08CD5B2AA0A5 | 5600.6544 |
| Rising Antivirus | PE:Malware.Generic(Thunder)!1.A1C4 [F] | 23.00.65.151220 |
| VIPRE Antivirus | UltraSurf | 45948 |

File size:
2.1 MB (2,158,990 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\ultrasurf-15.04.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
49152:NQlwNpawHIZ2xiI8TGL3tdBKS2WelG188pCT6/sndH3bfhQ6:GlwpY0xyGL3jBKS2WZ188O6/sH3t9

The file ultrasurf-15.04.exe has been seen being distributed by the following 20 URLs.