Uplauncher.exe

Arkalys Uplauncher

ARKALYS

The executable Uplauncher.exe has been detected as malware by 11 anti-virus scanners. This is a setup program which is used to install the application. It runs as a scheduled task under the Windows Task Scheduler. The file has been seen being downloaded from download1339.mediafire.com.
Publisher:
ARKALYS

Product:
Arkalys Uplauncher

Version:
1.0.1

MD5:
5d16e5375b50ffc8a1f78856cf98fc3e

SHA-1:
96356dad6f08b66d552f150b5640d74cf7212354

SHA-256:
b8c2cdb9081cafa9976fff67d840d466150f529f39a8377eb90919906e35c53d

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
12/26/2024 3:35:33 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Strictor.52313
691

Bitdefender
Gen:Variant.Strictor.52313
1.0.20.375

Dr.Web
Trojan.DownLoader11.4513
9.0.1.075

Emsisoft Anti-Malware
Gen:Variant.Strictor.52313
8.15.03.16.01

F-Secure
Gen:Variant.Strictor.52313
11.2015-16-03_2

G Data
Gen:Variant.Strictor.52313
15.3.25

IKARUS anti.virus
Win32.SuspectCrc
t3scan.1.8.6.0

McAfee
Artemis!0310823681B9
5600.6727

MicroWorld eScan
Gen:Variant.Strictor.52313
16.0.0.225

Qihoo 360 Security
Win32/Trojan.22f
1.0.0.1015

VIPRE Antivirus
Trojan.Win32.Generic
38064

File size:
1.5 MB (1,552,896 bytes)

Product version:
1.0.1

Copyright:
Copyright © 2015 ARKALYS - Tous droits réservés

Trademarks:
ARKALYS

Original file name:
Uplauncher.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\arkalysgame\uplauncher.exe

File PE Metadata
Compilation timestamp:
3/12/2015 7:18:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:gepXJjaBWOshChwrB8lAFN7ZAxglxB5bRLtZ2tDcaJUuu/nkVQ/omaRuFewCCcZH:h5mRsD9tFpyKZktAaJQ/kVQ/qRsewdcy

Entry address:
0x17817E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.5 MB (1,532,416 bytes)

Scheduled Task
Task name:
{ED227FFA-9CE6-43E7-A776-4C4A9C38618E}

Trigger:
Registration (Runs on registration)


The file Uplauncher.exe has been seen being distributed by the following URL.

Remove Uplauncher.exe - Powered by Reason Core Security