» ucp.exe
Overview
Analysis
File Details

ucp.exe

Ultra Core Protector

The application ucp.exe by Ultra Core Protector has been detected as a potentially unwanted program by 9 anti-malware scanners. This particular feature is designed to hijack the browser in an attempt to prevent other resources from modify the browser's search and home pages.

File name:

ucp.exe

Publisher:

Ultra Core Protector (signed and verified)

Product:

Ultra Core Protector

Version:

7.9

MD5:

39d5f25c04d288a3e204524a047906e5

SHA-1:

9ca11eee9c2f5621694e764b1bdcdb498d66e251

SHA-256:

dce10bed1d8ce099d954b3d09bd3844fc9a4b5246e1c80aedeba89a31c510414

Scanner detections:

9 / 68

Status:

Potentially unwanted

Analysis date:

4/23/2024 6:46:45 AM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Adware.Win32.SearchProtect

4.0.3.151231

Bkav FE

HW32.Packed

1.3.0.7237

F-Prot

W32/Virut.AI!Generic

v6.4.7.1.166

IKARUS anti.virus

Win32.Heur

t3scan.1.9.5.0

Kaspersky

not-a-virus:HEUR:AdWare.Win32.SearchProtect

14.0.0.886

Reason Heuristics

PUP.UltraCoreProtector (M)

15.12.31.18

Trend Micro House Call

TROJ_GEN.F47V1105

7.2.365

Vba32 AntiVirus

BScope.Trojan.Diple

3.12.22.2

ViRobot

Trojan.Win32.S.Agent.812680[h]

2014.3.20.0

File size:

762.1 KB (780,424 bytes)

Product version:

7.9.0.0

Original file name:

ucp.exe

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

Ultra Core Protector

Authority:

Ultra Core Protector

Valid from:

12/12/2012 6:44:42 PM

Valid to:

1/1/2040 2:59:59 AM

Subject:

CN=Endi, OU=http://ucp-anticheat.org, E=support@ucp-anticheat.org, O=Ultra Core Protector, C=RU

Issuer:

CN=Endi, OU=http://ucp-anticheat.org, E=support@ucp-anticheat.org, O=Ultra Core Protector, C=RU

Serial number:

E0177238F19B3FB5462942142E1145B1

File PE Metadata

Compilation timestamp:

4/2/2013 6:39:01 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.12

CTPH (ssdeep):

12288:cxRRQAZWCO0wWCXuxwK1FLiyZ411ghEoOr1P4vb1AdPbl4ewzbUJI4jqcSy7JRST:i1vwXuwc1a11Qmr+TObl4LfsjqcSy/ST

Entry address:

0x349F48B

Entry point:

E8, 79, A5, FF, FF, F9, F5, 69, D2, 0A, 00, 00, 00, 39, CD, 38, CB, 80, FF, DB, 9C, 01, C2, 9C, 60, 8D, 64, 24, 28, E9, 23, A6, F6, FF, 80, 7D, EB, 00, 0F, 85, 19, 00, 00, 00, C1, 65, E8, 08, C1, 65, E4, 08, 50, AC, FE, C0, C0, C8, 02, FE, C0, F6, D0, 2C, D1, 88, 45, E4, 58, C3, 66, C7, 04, 24, 82, CE, E9, 19, ED, FF, FF, 6F, 24, 61, CB, 29, EB, 60, 29, 72, 41, 50, 79, 56, F7, B9, DC, 86, 79, 20, 71, 20, 51, E0, E5, B4, F5, A9, E8, AC, BA, 8F, 5C, 97, 04, 4B, 97, 4D, 42, 67, 19, 86, 12, 91, 07, 7B, 89, FA... 
[+]

Code size:

340.5 KB (348,672 bytes)

Remove ucp.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.