upob30f.tmp.hlh

Sice Xing

The file upob30f.tmp.hlh by Sice Xing has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Sice Xing  (signed and verified)

MD5:
932818c6e282247e8c684f80ac7299da

SHA-1:
84cf77a80a2d4a01d05ad0ad69c73e3db7b1a57e

SHA-256:
1f7214cca5564840fbf21b301996a3d6d17114edf6ba1ce655d706b2d4dc7af8

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/16/2024 12:21:15 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Elex (M)

Engine version:
17.3.15.18

File size:
464.4 KB (475,520 bytes)

Common path:
C:\windows\temp\upob30f.tmp.hlh

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
5/6/2016 8:00:00 AM

Valid to:
4/2/2017 7:59:59 AM

Subject:
CN=Sice Xing, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
358C4C30C91718ECFB0999261DB321AC

File PE Metadata
Compilation timestamp:
5/20/2016 5:39:06 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x25D30

Entry point:
0F, BE, 85, EF, C3, FF, FF, 83, F8, 02, 74, 10, 0F, BE, 8D, EF, C3, FF, FF, 83, F9, 01, 0F, 85, 98, 00, 00, 00, 8B, 55, 10, 83, E2, 01, 75, 0C, C7, 85, 80, C3, FF, FF, 01, 00, 00, 00, EB, 0A, C7, 85, 80, C3, FF, FF, 00, 00, 00, 00, 8B, 85, 80, C3, FF, FF, 89, 85, 78, C3, FF, FF, 83, BD, 78, C3, FF, FF, 00, 75, 23, 68, 50, 77, 05, 10, 68, 1C, 39, 06, 10, 6A, 00, 6A, 74, 68, E0, 85, 05, 10, 6A, 02, E8, C7, 40, FF, FF, 83, C4, 18, 83, F8, 01, 75, 01, CC, 83, BD, 78, C3, FF, FF, 00, 75, 39, E8, 30, A5, FF, FF...

Entropy:
6.4837

Code size:
331.5 KB (339,456 bytes)
