home

ucoresys.sys

American Megatrends, Inc.

It runs as a Windows 64-bit kernel mode device driver named “UCORESYS”.
Publisher:
American Megatrends, Inc.  (signed and verified)

MD5:
9555d36fb21b993e5c4b98c2fc2b3671

SHA-1:
210a98be7da32cea98618c5a9640c23ce518c0ee

SHA-256:
fd6f56189cd723b32fc06392867fcd5128e63d8b5801e4f7a83523f820531981

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 6:15:35 AM UTC  (today)

File size:
15.1 KB (15,432 bytes)

File type:
Driver (Win64 SYS)

Common path:
C:\Windows\System32\drivers\ucoresys.sys

Digital Signature
Signed by:
American Megatrends, Inc.

Authority:
VeriSign, Inc.

Valid from:
9/30/2006 2:00:00 AM

Valid to:
11/17/2009 12:59:59 AM

Subject:
CN="American Megatrends, Inc.", OU=Headquarters, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="American Megatrends, Inc.", L=Norcross, S=Georgia, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
08DFD80B2826716554B1FB8CFA5043D7

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
384:pp4uPb5yDmnoMXP1oy5KYJLWd6jH9inbjJE:pp4sEmTDLAmH94b6

Entry point:
55, 8B, EC, 83, EC, 14, 53, 56, 57, 68, 48, 1A, 01, 00, E8, A9, 00, 00, 00, 8B, 3D, 0C, 03, 01, 00, 8D, 45, F4, C7, 04, 24, 6C, 1A, 01, 00, 50, FF, D7, 8B, 75, 08, 8D, 45, FC, 50, 6A, 00, 6A, 00, 68, 00, FA, 00, 00, 8D, 45, F4, 50, 6A, 20, 56, FF, 15, E8, 02, 01, 00, 8B, D8, 85, DB, 7C, 5F, 68, 90, 1A, 01, 00, 8D, 45, EC, 50, FF, D7, 8D, 45, F4, 50, 8D, 45, EC, 50, FF, 15, E4, 02, 01, 00, 8B, D8, 85, DB, 7D, 16, 68, AC, 1A, 01, 00, E8, 4A, 00, 00, 00, 59, FF, 75, FC, FF, 15, C0, 02, 01, 00, EB, 35, 8B, 55...
 
[+]

Entropy:
7.0045

Developed / compiled with:
Microsoft Visual C++

Driver
Display name:
UCORESYS

Type:
Kernel device driver (KernelDriver)


The file ucoresys.sys has been discovered within the following program.

eBLU  by Elitegroup Computer Systems
www.ecs.com.tw
About 7% of users remove it
 
Powered by Should I Remove It?

Scan ucoresys.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.