home

vuupc_vo2_8907.exe

The application vuupc_vo2_8907.exe has been detected as a potentially unwanted program by 13 anti-malware scanners. The program is a setup application that uses the Nullsoft Scriptable Install System installer, however the file is not signed with an authenticode signature from a trusted source.
MD5:
34b13709468bd3f5efcea400f8d6b67e

SHA-1:
86b7eccb9cfe9a62566263d2dc79686eb964ffe6

SHA-256:
564ed56b166cdc9696a4c79a1f204646c1a05aa2f4c5b55a4489259b97060514

Scanner detections:
13 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 12:55:20 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:SaliCode
160118-1

AVG
Win32/Sality
2015.0.4477

Clam AntiVirus
Win.Adware.Outbrowse-1198
0.98/21331

Dr.Web
Win32.Sector.30
9.0.1.05190

Emsisoft Anti-Malware
Win32.Sality
10.0.0.5366

ESET NOD32
Win32/Sality.NBA virus
7.0.302.0

Kaspersky
Virus.Win32.Sality
15.0.0.562

McAfee
Trojan.Artemis!DC73D1078433
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.213.5087.0

Norman
Win32.Sality.3
03.12.2014 13:20:04

Sophos
Virus 'Mal/Sality-D'
5.22

VIPRE Antivirus
Threat.4721115
46444

File size:
298.4 KB (305,518 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Scriptable Install System

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\vuupc_vo2_8907.exe

File PE Metadata
Compilation timestamp:
12/6/2009 12:52:12 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:+FF0SOb4wjrzyvlD1JXAkQa7pJ59E6rTUadigTZ/t5q2pd5A8WwO:4Ob4YvIlplAkn7pBxddZ/bJd5A8e

Entry address:
0x30FA

Entry point:
88, ED, 69, CF, 8F, 51, D3, 62, 0F, B6, D5, 10, E4, 0F, B6, C1, 40, 69, FA, ED, 3F, DF, 73, 13, E9, FF, C6, C7, C6, 64, 17, A3, 37, 81, C1, 25, 8E, 0F, 00, EB, 02, 30, C3, 81, E9, 8A, 59, 0F, 00, 1A, E3, 8B, C2, 68, 75, F2, FD, 00, 68, EE, 84, B6, 00, 89, D7, FE, C8, 49, B2, 61, 80, FD, 26, E8, 27, 00, 00, 00, 78, 07, 85, FE, BF, 56, B1, 3A, 8C, 0F, AF, DD, 85, C6, 71, 05, 04, F1, F6, C7, CF, 81, EE, 62, AA, FC, FF, 0F, BE, DE, 0F, AF, C1, 81, EE, FF, 17, 04, 00, FE, CD, FF, C1, 45, 3B, CE, 80, C7, 3D, 89...
 
[+]

Entropy:
7.8934  (probably packed)

Code size:
23.5 KB (24,064 bytes)

Remove vuupc_vo2_8907.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.