» upsag_ap.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

upsag_ap.exe

Upsmon

RPS S.p.A

It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in. This is installed with Upsmon.

File name:

upsag_ap.exe

Publisher:

RPS S.p.a. (signed by RPS S.p.A)

Product:

Upsmon

Description:

Upsag_ap for Windows 64 bit

Version:

5.4.3.0

MD5:

c03a56abcb1ad92631724df04667b10b

SHA-1:

1c7dd531bfd5567fb52de7ed8561ff16efb93786

SHA-256:

3c95fa2f60bd6327fa97f7e0c5c09f7a414bbe5e929127724619ea1a0833b89a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/27/2024 3:22:38 PM UTC (today)

File size:

13.3 MB (13,945,888 bytes)

Product version:

5.4.3

Original file name:

Upsag_ap

File type:

Executable application (Win64 EXE)

Language:

English (Storbritannia)

Common path:

C:\Program Files\upsmon\upsag_ap.exe

Digital Signature

Signed by:

RPS S.p.A

Authority:

VeriSign, Inc.

Subject:

CN=RPS S.p.A, O=RPS S.p.A, L=Legnago, S=Verona, C=IT

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

660AFB01C4C3541EF1A22D6E96EDE9EF

File PE Metadata

Compilation timestamp:

8/22/2016 12:03:30 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

98304:ZT0oA6f8OoWoTccJwTHsAvPkFNytUIkfgr8o6NYYP:tdAsoWotJwU

Entry address:

0x4070

Entry point:

6A, 00, 48, 31, C9, E8, 2E, 77, 4A, 00, 48, 89, 05, 17, 10, 76, 00, E8, EA, C9, 48, 00, E8, A5, C8, 48, 00, E8, A0, CA, 48, 00, 48, 8D, 05, 69, 0F, 76, 00, 48, 8D, 0D, 22, 95, 00, 00, 48, 89, 48, 28, 48, 8D, 0D, 57, CF, FF, FF, 48, 89, 08, 48, 8D, 0D, 01, E8, FF, FF, 48, 89, 48, 08, 48, 8D, 0D, F6, E7, FF, FF, 48, 89, 48, 10, 48, 8D, 0D, A3, FF, FF, FF, 48, 89, 48, 18, 48, 8D, 0D, 0C, D5, 49, 00, 48, 89, 48, 60, 48, 8D, 0D, F1, D7, 49, 00, 48, 89, 48, 68, 48, 8D, 0D, 16, D8, 49, 00, 48, 89, 48, 70, 48, 8D... 
[+]

Code size:

4.7 MB (4,898,816 bytes)

Scheduled Task

Task name:

Logon Trigger Upsag_ap Task

Trigger:

Logon (Runs on logon)

The file upsag_ap.exe has been discovered within the following program.

Upsmon by RPS S.p.a.

www.ups-technet.com/upsmon.htm

About 6% of users remove it

Scan upsag_ap.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.