home

batchupload_2.ocx

BatchUpload ActiveX Control Module

JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.,LTD.

The file batchupload_2.ocx by JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.,LTD has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
www.9158.com  (signed by JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.,LTD.)

Product:
BatchUpload ActiveX Control Module

Version:
1, 0, 0, 1

MD5:
d824d40e5f661d193e1f2b87e583c4a6

SHA-1:
a461226f327c0515aca085a412c24f7a10482631

SHA-256:
7080802babc4f4a66b1abbce2c985a298b4a2fbb8b778bfd6bc8b471bb1d5dd1

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/16/2024 1:52:04 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.JINHUA9158NETWORKSCIENCEANDTECHNOLOGYCOLTD.N
14.9.3.5

File size:
233.9 KB (239,560 bytes)

Product version:
1, 0, 0, 1

Copyright:
www.9158.com Copyright (C) 2006

Original file name:
BatchUpload.OCX

File type:
OLE control extension (Win32 OCX)

Common path:
C:\Program Files\9158virtualcamera\bin\myspace\batchupload_2.ocx

Digital Signature
Signed by:
JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.,LTD.

Authority:
VeriSign, Inc.

Valid from:
8/13/2009 8:00:00 AM

Valid to:
8/13/2012 7:59:59 AM

Subject:
CN="JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.,LTD.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.,LTD.", L=Jinhua, S=Zhejiang, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1FCD2BE9A7D4488439C3DF8B4DD2E8EF

File PE Metadata
Compilation timestamp:
5/7/2012 4:26:10 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:QJlEtA/71xLNp9R9p1FJLLLrLO7/1KKAF8ZOgvrT3ibHDVmxX:QJlEtKLNp9R9p1FJLLLrLO7/4KAF7rJe

Entry address:
0x1ADE9

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, CF, 04, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, CD, FE, FF, FF, 59, C2, 0C, 00, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, B4, 86, 02, 10, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, B4, 86, 02, 10, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF...
 
[+]

Entropy:
6.3696

Code size:
116 KB (118,784 bytes)

Safe for Initializing Control
CLSID:
{AD7C9286-300C-416B-A327-03CEADA74207}

CLSID name:
BatchUpload Control


Remove batchupload_2.ocx - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.