upo85cf.tmp.hlh

Sice Xing

The file upo85cf.tmp.hlh by Sice Xing has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Sice Xing  (signed and verified)

MD5:
6c84f84165b93e545e75361b56ed2823

SHA-1:
ac4fb5200f7e506d228d6c33b9af944aca1e58a6

SHA-256:
7b52197074b9ced528a78701fac7f21006748957c063a6fa829566e4ab981129

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/16/2024 12:45:58 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Elex (M)

Engine version:
16.9.8.18

File size:
468.4 KB (479,616 bytes)

Common path:
C:\windows\temp\upo85cf.tmp.hlh

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
5/6/2016 8:00:00 AM

Valid to:
4/2/2017 7:59:59 AM

Subject:
CN=Sice Xing, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
358C4C30C91718ECFB0999261DB321AC

File PE Metadata
Compilation timestamp:
5/20/2016 4:35:29 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:kEfmnQ0I9ZINhLUYIfDwqNEIkbwK2NEIkOMx52:9fmQ0yIURTho+hVMx4

Entry address:
0x26810

Entry point:
45, FC, 83, 7D, FC, 01, 74, 0E, 83, 7D, FC, 01, 7E, 20, 83, 7D, FC, 03, 7E, 0F, EB, 18, E8, 4D, 8D, FF, FF, C7, 00, 21, 00, 00, 00, EB, 0B, E8, 40, 8D, FF, FF, C7, 00, 22, 00, 00, 00, 8B, E5, 5D, C3, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 83, EC, 20, 8B, 45, 0C, 50, E8, A1, F6, FF, FF, 83, C4, 04, 89, 45, E4, 83, 7D, E4, 00, 74, 5E, 8B, 4D, 08, 89, 4D, E0, 8B, 55, 10, 89, 55, E8, 8B, 45, 14, 89, 45, EC, 8B, 4D, 18, 89, 4D, F0, 8B, 55, 1C, 89, 55, F4, 8B, 45, 20, 89, 45, F8, 8B, 4D, 24, 89, 4D, FC, 68, FF, FF...
 

Entropy:
6.3159

Code size:
334.5 KB (342,528 bytes)
