uusee_down_setup_2014.exe

uusee.com install

Beijing Shi Yue Network Technology Co., Ltd.

The executable uusee_down_setup_2014.exe has been detected as malware by 10 anti-virus scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer.
Publisher:
uusee.com  (signed by Beijing Shi Yue Network Technology Co., Ltd.)

Product:
uusee.com install

Description:
uusee.com

Version:
8.14.606.1

MD5:
515dd6c75d03994a59f5da6df0664e19

SHA-1:
67675d7ef0ab2b43657ae281ca924b270bfe4bc5

SHA-256:
22c42aaaeddfd2d21a2ff68fa2d5fae01bbc6b07ad63376d9185cffde0d97006

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
11/24/2024 9:49:15 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | Trojan.Agent | 7.1.1 |
| Comodo Security | Heur.Suspicious | 21126 |
| Dr.Web | Trojan.Siggen4.45560 | 9.0.1.054 |
| Malwarebytes | Trojan.Downloader | v2015.02.23.10 |
| McAfee | Artemis!515DD6C75D03 | 5600.6845 |
| NANO AntiVirus | Trojan.Win32.Siggen4.dfohkp | 0.30.0.126 |
| Norman | APT1.A | 11.20150223 |
| Sophos | Address Tool Bar | 4.98 |
| VIPRE Antivirus | Trojan.Win32.Generic | 37684 |
| Zillya! Antivirus | Trojan.Patched.Win32.37527 | 2.0.0.2073 |

File size:
6.9 MB (7,195,920 bytes)

Copyright:
UUSEE Inc.

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
6/6/2014 8:00:00 AM

Valid to:
7/7/2015 7:59:59 AM

Subject:
CN="Beijing Shi Yue Network Technology Co., Ltd.", OU=Product department, O="Beijing Shi Yue Network Technology Co., Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6F1D5653FB0BBF0A3BC9AD1A146A0EA5

File PE Metadata
Compilation timestamp:
6/19/2009 5:33:27 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:spuTQp7k1R4wURxgHJ6DVYJGgk21SmIsbCgmDu37mssC:spRVqJQgHJ6RYJJgEb1mA7iC

Entry address:
0x3291

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 28, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, BA, 2C, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 50, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B0, 91, 40, 00, 68, 80, 36, 42, 00, E8, 43, 29, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 31, 29, 00, 00...
 

Entropy:
7.9994

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)
