uncheckitupdate.exe

Uncheckit Module

EVANGEL TECHNOLOGY(HK) LIMITED

The application uncheckitupdate.exe by EVANGEL TECHNOLOGY(HK) LIMITED has been detected as a potentially unwanted program by 12 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler named UncheckitUpdateTaskC triggered daily at a specified time.
Publisher:
EVANGEL TECHNOLOGY (HK) LIMITED  (signed by EVANGEL TECHNOLOGY(HK) LIMITED)

Product:
Uncheckit Module

Description:
Uncheckit update

Version:
2.0.8.25888

MD5:
32b2d90ec1823b06e6c3960069f62bec

SHA-1:
99106b314bc7316da90b4e5c1eb0b072c87327fc

SHA-256:
e2cf2d34bd683f4da94d1facf203d8560229768570a95e0e661fe05300b6c133

Scanner detections:
12 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 10:09:19 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Pioneer-C
160414-2

AVG
Win32/Floxif.A
2015.0.4568

Dr.Web
Adware.Mutabaha.1349, Win32.FloodFix.7
9.0.1.05190

Emsisoft Anti-Malware
Win32.Floxif
11.5.0.6191

ESET NOD32
Win32/Floxif.H virus
8.0.319.0

F-Prot
W32/Floxif.B
4.6.5.141

F-Secure
Win32.Floxif.A
5.15.96

Kaspersky
Virus.Win32.Pioneer
15.0.0.562

McAfee
Trojan.Dropper-FIY!32B2D90EC182
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.223.730.0

Norman
Win32.Floxif.A
28.05.2016 15:32:18

Sophos
Virus 'W32/Floxif-C'
5.23

File size:
262.3 KB (268,583 bytes)

Product version:
2.0.8.25888

Copyright:
Copyright (c) 2011-2016 EVANGEL TECHNOLOGY (HK) LIMITED

Original file name:
Update.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\uncheckit\uncheckitupdate.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
5/31/2016 9:09:28 AM

Valid to:
11/26/2016 3:27:12 PM

Subject:
CN=EVANGEL TECHNOLOGY(HK) LIMITED, O=EVANGEL TECHNOLOGY(HK) LIMITED, L=香港, S=香港, C=HK

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121B2DF1544455F939E5B47B0797027BA42

File PE Metadata
Compilation timestamp:
5/31/2016 9:17:09 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:xy+eJ0i+gxixKlmPvozEpBV+UdvrEFp7hKk:xy+ej+gMLoaBjvrEH7L

Entry address:
0x18936

Entry point:
E9, 75, 11, FF, FF, E9, 4C, FE, FF, FF, 55, 8B, EC, FF, 15, 84, D0, 41, 00, 6A, 01, A3, 24, 9B, 42, 00, E8, 9D, 06, 00, 00, FF, 75, 08, E8, 9B, 06, 00, 00, 83, 3D, 24, 9B, 42, 00, 00, 59, 59, 75, 08, 6A, 01, E8, 83, 06, 00, 00, 59, 68, 09, 04, 00, C0, E8, 84, 06, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 23, 17, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 08, 99, 42, 00, 89, 0D, 04, 99, 42, 00, 89, 15, 00, 99, 42, 00, 89, 1D, FC, 98, 42, 00, 89, 35, F8, 98, 42, 00, 89, 3D, F4...
 
[+]

Entropy:
6.7793

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
109.5 KB (112,128 bytes)

Scheduled Task
Task name:
UncheckitUpdateTaskC

Trigger:
Daily (Runs daily at 6:45 PM)

Description:
Uncheckit Update Task


Remove uncheckitupdate.exe - Powered by Reason Core Security