home

ucx0.dll

ucx Module

Lotuspond Software Technology (Beijing) Co., Ltd.

The module ucx0.dll by Lotuspond Software Technology (Beijing) Co. has been detected as a potentially unwanted program by 12 anti-malware scanners.
Publisher:
北京莲塘软件技术有限公司  (signed by Lotuspond Software Technology (Beijing) Co., Ltd.)

Product:
ucx Module

Description:
ucx 支持模块

Version:
1, 0, 3, 21

MD5:
c8d2440da0ce2df6aee499d4257e3eb6

SHA-1:
771b6f62a2b55cb8ef7e1371c305b28eef9a78b8

SHA-256:
5d4079b19daf742a83011c78b232257db54d3d67fa12841300c2f9e175f6eeca

Scanner detections:
12 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 12:16:24 AM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
Win-Adware/Lotuspond.extMenu
2012.12.14

AVG
Suspicion: unknown virus
2015.0.3558

Bitdefender
Trojan.Generic.7304669
1.0.20.250

Emsisoft Anti-Malware
Trojan.Generic.7304669
8.14.02.19.10

Fortinet FortiGate
W32/FakeAV.RD!tr
2/19/2014

F-Secure
Trojan.Generic.7304669
11.2014-19-02_4

G Data
Trojan.Generic.7304669
14.2.22

K7 AntiVirus
Trojan
13.155.7991

MicroWorld eScan
Trojan.Generic.7304669
15.0.0.150

nProtect
Trojan.Generic.7304669
12.12.14.01

Sophos
Troj/FakeAV-RD
4.84

VIPRE Antivirus
Trojan.Win32.Generic
14476

File size:
85.8 KB (87,872 bytes)

Product version:
1, 0, 3, 21

Copyright:
Copyright 2002-2004 北京莲塘软件技术有限公司

Original file name:
ucx.DLL

File type:
Dynamic link library (Win32 DLL)

Language:
Chinese (PRC)

Common path:
C:\Program Files\ltucx\ucx0.dll

Digital Signature
Signed by:
Lotuspond Software Technology (Beijing) Co., Ltd.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
9/15/2004 11:44:08 AM

Valid to:
9/29/2006 2:51:49 PM

Subject:
CN="Lotuspond Software Technology (Beijing) Co., Ltd.", OU=Secure Application Development, O="Lotuspond Software Technology (Beijing) Co., Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
3E9A2C

Registration
CLSID:
{1BC9C07C-E528-4986-8844-1CDAC33496BE}

ProgID:
Ucx.ucxx.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
10/12/2004 11:54:54 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:yAUeErR8XTzpRgIfngIF/NrYYPqONICS4AMlyC9skwnoc:yBvR8XznxdNrYeOylyC9skwnd

Entry address:
0x4D7D

Entry point:
55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 57, 8B, 7D, 10, 85, F6, 75, 09, 83, 3D, 60, 07, 01, 10, 00, EB, 26, 83, FE, 01, 74, 05, 83, FE, 02, 75, 22, A1, DC, 07, 01, 10, 85, C0, 74, 09, 57, 56, 53, FF, D0, 85, C0, 74, 0C, 57, 56, 53, E8, 15, FF, FF, FF, 85, C0, 75, 04, 33, C0, EB, 4E, 57, 56, 53, E8, 63, D2, FF, FF, 83, FE, 01, 89, 45, 0C, 75, 0C, 85, C0, 75, 37, 57, 50, 53, E8, F1, FE, FF, FF, 85, F6, 74, 05, 83, FE, 03, 75, 26, 57, 56, 53, E8, E0, FE, FF, FF, 85, C0, 75, 03, 21, 45, 0C, 83, 7D, 0C, 00...
 
[+]

Entropy:
6.1172

Code size:
44 KB (45,056 bytes)

Remove ucx0.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.