» upo61b0.tmp.hlh
Overview
Analysis
File Details

upo61b0.tmp.hlh

Sice Xing

The file upo61b0.tmp.hlh by Sice Xing has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

upo61b0.tmp.hlh

Publisher:

Sice Xing (signed and verified)

MD5:

925dc90d1c31b421fbfb8e343f74a4da

SHA-1:

b8f594fc40bef24dd9a5f4decca14b68be6d091c

SHA-256:

536a81e7c13c94bbbd92a9d60e4bb24c562d71d366f8a31d02049be9b8ecb214

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/16/2024 12:39:22 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Elex (M)

16.10.2.15

File size:

468.4 KB (479,616 bytes)

Common path:

C:\windows\temp\upo61b0.tmp.hlh

Digital Signature

Signed by:

Sice Xing

Authority:

thawte, Inc.

Valid from:

5/6/2016 2:00:00 AM

Valid to:

4/2/2017 1:59:59 AM

Subject:

CN=Sice Xing, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:

CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:

358C4C30C91718ECFB0999261DB321AC

File PE Metadata

Compilation timestamp:

5/20/2016 10:35:29 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

12288:kEfmEQ0P9ZIVOLU+eOIyNEIkDzNEIkOMx5nx52:9fm7014OU+eahqhVMxVx4

Entry address:

0x26810

Entry point:

E0, 04, 03, 10, E7, 05, 03, 10, BE, 04, 03, 10, F7, 05, 03, 10, 42, 06, 03, 10, 63, 06, 03, 10, 00, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 01, 07, 07, 02, 07, 07, 03, 07, 01, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 04, 07, 07, 07, 05, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 06, 8B, FF, C3, 07, 03, 10, BC, 0E, 03, 10, 7A, 13, 03, 10, 1D, 0D, 03, 10, 5C, 13, 03, 10, B5, 0E, 03, 10... 
[+]

Code size:

334.5 KB (342,528 bytes)

Remove upo61b0.tmp.hlh - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.