» uninst_Micropop.exe
Overview
Analysis
File Details

uninst_Micropop.exe

uninst_Micropop

UCF

The application uninst_Micropop.exe by UCF has been detected as adware by 20 anti-malware scanners.

File name:

uninst_Micropop.exe

Publisher:

UCF (signed and verified)

Product:

uninst_Micropop

Version:

1, 0, 0, 1

MD5:

a998eb99ad2433f6f7d2d6bfe5be71d9

SHA-1:

8fdb07b290fd32bd0747e577ea861110edbdd077

SHA-256:

12c3e90c1d9212afddabfffefc6d86ab44e64df533a5083d0ba2d45b594219d3

Scanner detections:

20 / 68

Status:

Adware

Analysis date:

5/11/2024 3:08:01 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Application.Generic.411923

1011

Avira AntiVirus

Adware/Kraddare.EK.4

7.11.123.8

avast!

Win32:Adware-AZI [Adw]

2014.9-140430

AVG

SecurityTool.V

2015.0.3489

Bitdefender

Application.Generic.411923

1.0.20.600

Comodo Security

UnclassifiedMalware

17539

ESET NOD32

Win32/Adware.Kraddare.EK (variant)

8.9240

Fortinet FortiGate

Riskware/Kraddare

4/30/2014

F-Secure

Application.Generic.411923

11.2014-30-04_4

G Data

Application.Generic.411923

14.4.22

K7 AntiVirus

Adware

13.174.10689

Malwarebytes

Rogue.Micropop

v2014.04.30.12

Microsoft Security Essentials

Rogue:Win32/Onescan

1.165.247.01

MicroWorld eScan

Application.Generic.411923

15.0.0.360

Reason Heuristics

PUP.UCF.P

14.8.8.0

Sophos

Mal/FakeAV-OX

4.96

SUPERAntiSpyware

Trojan.Agent/Gen-FraudScan[Prod]

10635

Trend Micro House Call

TROJ_GEN.RCBOCKJ

7.2.120

Trend Micro

TROJ_GEN.RCBOCKJ

10.465.30

VIPRE Antivirus

Trojan.Win32.Generic

25008

File size:

137.5 KB (140,832 bytes)

Product version:

1, 0, 0, 1

Original file name:

uninst_Micropop.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\windows\syswow64\uninst_micropop.exe

Digital Signature

Signed by:

UCF

Authority:

Thawte, Inc.

Valid from:

12/13/2011 9:00:00 AM

Valid to:

5/22/2012 8:59:59 AM

Subject:

CN=UCF, O=UCF, L="Haeundae-gu ", S=Busan, C=KR

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

7EF60F738FD75ED16633695ABC394E46

File PE Metadata

Compilation timestamp:

12/16/2011 1:20:16 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:CFSDgqi1MdgVj9uk4fKn8ej7e0Z+mONV+nTT3B9B2uIbVMK6xm:USDgZ1MojhQK9jX+m3/TB2uIbV/6Q

Entry address:

0xA0620

Entry point:

60, BE, 00, 10, 48, 00, 8D, BE, 00, 00, F8, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89... 
[+]

Entropy:

7.8444

Packer / compiler:

UPX 2.90LZMA]

Code size:

128 KB (131,072 bytes)

Remove uninst_Micropop.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.