SHA256: 15c132e43f3072cd6317ff026208bb474315b0c25182b4684917a72e8c9e9dcd
File name: UCBrowser_V6.1.2909.1213_4601_(Build1707111450)_(en-us).exe
Detection ratio: 1 / 64
Analysis date: 2017-07-12 14:20:30 UTC ( 1 year, 7 months ago )
Antivirus Result Update
ESET-NOD32 a variant of Win32/Taobao.E potentially unwanted 20170712
Ad-Aware 20170712
AegisLab 20170712
AhnLab-V3 20170712
Alibaba 20170712
ALYac 20170712
Antiy-AVL 20170712
Arcabit 20170712
Avast 20170712
AVG 20170712
Avira (no cloud) 20170712
AVware 20170712
Baidu 20170712
BitDefender 20170712
Bkav 20170712
CAT-QuickHeal 20170712
ClamAV 20170712
CMC 20170712
Comodo 20170712
CrowdStrike Falcon (ML) 20170420
Cylance 20170712
Cyren 20170712
DrWeb 20170712
Emsisoft 20170712
Endgame 20170706
F-Prot 20170712
F-Secure 20170712
Fortinet 20170629
GData 20170712
Ikarus 20170712
Sophos ML 20170607
Jiangmin 20170712
K7AntiVirus 20170712
K7GW 20170712
Kaspersky 20170712
Kingsoft 20170712
Malwarebytes 20170712
MAX 20170712
McAfee 20170712
McAfee-GW-Edition 20170712
Microsoft 20170712
eScan 20170712
NANO-Antivirus 20170712
nProtect 20170712
Palo Alto Networks (Known Signatures) 20170712
Panda 20170712
Qihoo-360 20170712
Rising 20170712
SentinelOne (Static ML) 20170516
Sophos AV 20170712
SUPERAntiSpyware 20170712
Symantec 20170712
Symantec Mobile Insight 20170712
Tencent 20170712
TheHacker 20170712
TotalDefense 20170712
TrendMicro 20170712
TrendMicro-HouseCall 20170712
Trustlook 20170712
VBA32 20170712
VIPRE 20170712
ViRobot 20170712
Webroot 20170712
WhiteArmor 20170706
Yandex 20170712
Zillya 20170712
ZoneAlarm by Check Point 20170712
Zoner 20170712
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright Copyright 2008-2014 UCWeb Inc. All rights reserved.
Product UC Browser
Internal name mini_installer
File version 6.1.2909.1213
Description UC Browser
Signature verification Signed file, verified signature
Signing date 8:04 AM 7/11/2017
Signers
[+] TAOBAO (CHINA) SOFTWARE CO.,LTD.
Status Valid
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 1:00 AM 6/16/2016
Valid to 12:59 AM 7/15/2018
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 51133A37FFAD0B668844984E77109F29482D7DAB
Serial number 78 0A 00 32 A6 CE 7D 0B 5D 54 52 F5 CD E5 20 DC
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] GlobalSign TSA for MS Authenticode - G2
Status Valid
Issuer GlobalSign Timestamping CA - G2
Valid from 1:00 AM 5/24/2016
Valid to 1:00 AM 6/24/2027
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 63B82FAB61F583909695050B00249C502933EC79
Serial number 11 21 D6 99 A7 64 97 3E F1 F8 42 7E E9 19 CC 53 41 14
[+] GlobalSign Timestamping CA - G2
Status Valid
Issuer GlobalSign Root CA
Valid from 11:00 AM 4/13/2011
Valid to 1:00 PM 1/28/2028
Valid usage All
Algorithm sha1RSA
Thumbprint C0E49D2D7D90A5CD427F02D9125694D5D6EC5B71
Serial number 04 00 00 00 00 01 2F 4E E1 52 D7
[+] GlobalSign
Status Valid
Issuer GlobalSign Root CA
Valid from 1:00 PM 9/1/1998
Valid to 1:00 PM 1/28/2028
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, OCSP Signing, EFS, IPSEC Tunnel, IPSEC User, IPSEC IKE Intermediate
Algorithm sha1RSA
Thumbprint B1BC968BD4F49D622AA89A81F2150152A41D829C
Serial number 04 00 00 00 00 01 15 4B 5A C3 94
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-06-27 20:43:55
Entry Point 0x000A9932
Number of sections 7
PE sections
Overlays
MD5 b04f0a49509a5188ab9bcf86a581c99f
File type data
Offset 50799104
Size 13200
Entropy 7.41
PE imports
GetTokenInformation
RegCreateKeyExW
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenProcessToken
RegSetValueExW
ConvertSidToStringSidW
RegEnumKeyExW
RegOpenKeyExW
CreateProcessAsUserW
RegQueryInfoKeyW
SystemFunction036
RegDeleteKeyW
RegCloseKey
RegQueryValueExW
_TrackMouseEvent
CreateFontIndirectW
PatBlt
GetObjectA
DeleteDC
SetBkMode
PtInRegion
GetObjectW
BitBlt
CreateDIBSection
SetTextColor
CreatePatternBrush
ExtTextOutW
GetTextFaceW
CreateBitmap
GetStockObject
SetViewportOrgEx
CreateRoundRectRgn
CreateCompatibleDC
CreateFontW
CreateRectRgn
SelectObject
SetWindowOrgEx
SetBkColor
DeleteObject
CreateCompatibleBitmap
GetVolumePathNameW
GetStdHandle
GetDriveTypeW
InterlockedPopEntrySList
WaitForSingleObject
LockResource
HeapDestroy
EncodePointer
SetFileTime
GetFileAttributesW
SystemTimeToTzSpecificLocalTime
GetVolumePathNamesForVolumeNameW
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
LocalAlloc
GetVolumeInformationW
SetErrorMode
FreeEnvironmentStringsW
InitializeSListHead
FileTimeToSystemTime
GetLocaleInfoW
SetStdHandle
GetCPInfo
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
ResumeThread
GetExitCodeProcess
LocalFree
FormatMessageW
GetThreadPriority
FreeLibraryAndExitThread
InitializeCriticalSection
OutputDebugStringW
FindClose
TlsGetValue
FormatMessageA
GetFullPathNameW
OutputDebugStringA
InterlockedPushEntrySList
SetLastError
GetUserDefaultUILanguage
PeekNamedPipe
DeviceIoControl
LoadResource
RemoveDirectoryW
IsDebuggerPresent
ExitProcess
FindNextVolumeW
QueryPerformanceFrequency
SetProcessWorkingSetSize
LoadLibraryExA
SetThreadPriority
EnumSystemLocalesW
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
FlushInstructionCache
CreateEventW
SetFileAttributesW
CreateThread
SetEnvironmentVariableW
GetSystemDirectoryW
SetUnhandledExceptionFilter
CreateMutexW
IsProcessorFeaturePresent
ExitThread
SetHandleInformation
SetEnvironmentVariableA
TerminateProcess
GetModuleHandleExW
GetEnvironmentVariableW
LocalFileTimeToFileTime
GetDiskFreeSpaceExW
ReadConsoleW
GetCurrentThreadId
GetProcAddress
GetModuleHandleExA
SleepEx
WriteConsoleW
CreateToolhelp32Snapshot
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
LoadLibraryW
FindVolumeClose
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
lstrcmpiW
RtlUnwind
FreeLibrary
GetWindowsDirectoryW
DecodePointer
OpenProcess
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetUserDefaultLCID
GetProcessHeap
EnumResourceNamesW
AssignProcessToJobObject
WriteFile
GetModuleFileNameW
GetFileInformationByHandle
FindNextFileW
ResetEvent
FindFirstFileW
IsValidLocale
DuplicateHandle
FindFirstFileExW
WaitForMultipleObjects
SetEvent
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
FindFirstVolumeW
LeaveCriticalSection
GetNativeSystemInfo
GetLastError
DosDateTimeToFileTime
LCMapStringW
GlobalFree
GetConsoleCP
FindResourceW
CompareStringW
GetEnvironmentStringsW
GlobalUnlock
GlobalAlloc
lstrlenW
Process32NextW
VirtualFree
GetQueuedCompletionStatus
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
CreateIoCompletionPort
ProcessIdToSessionId
GetCommandLineW
WideCharToMultiByte
HeapSize
RaiseException
GetCommandLineA
Process32FirstW
GetCurrentThread
ExpandEnvironmentStringsW
SetEndOfFile
UnhandledExceptionFilter
TlsFree
SetFilePointer
ReadFile
RtlCaptureContext
CloseHandle
SetDllDirectoryW
GetACP
GlobalLock
GetModuleHandleW
FreeResource
GetFileAttributesExW
IsValidCodePage
FindResourceExW
PostQueuedCompletionStatus
CreateProcessW
Sleep
VirtualAlloc
AlphaBlend
VarUI4FromStr
SysFreeString
VariantInit
VariantClear
SysAllocString
GetProcessImageFileNameW
GetModuleFileNameExW
SHGetFolderPathW
SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW
ShellExecuteExW
Ord(680)
CommandLineToArgvW
SetFocus
RedrawWindow
GetMonitorInfoW
SetWindowRgn
UpdateWindow
MsgWaitForMultipleObjectsEx
BeginPaint
GetWindowRgn
OffsetRect
DefWindowProcW
MoveWindow
GetCapture
GetParent
KillTimer
WaitMessage
RegisterClassExW
GetMessageW
ScreenToClient
ShowWindow
GetQueueStatus
CallMsgFilterW
MapWindowPoints
GetClassInfoExW
GetSystemMetrics
SetWindowLongW
IsWindow
SendMessageW
PostQuitMessage
GetWindowRect
EnableWindow
SetCapture
ReleaseCapture
EnumChildWindows
CopyRect
DestroyCursor
AdjustWindowRectEx
CharNextW
IsWindowEnabled
GetWindow
PostMessageW
GetSysColor
DispatchMessageW
GetDC
GetCursorPos
ReleaseDC
UpdateLayeredWindow
GetDlgCtrlID
TrackMouseEvent
GetMenu
TranslateMessage
GetWindowLongW
IsWindowVisible
DestroyWindow
SetWindowTextW
GetDlgItem
SetRectEmpty
DrawTextW
MessageBoxW
SetWindowPos
MonitorFromWindow
ClientToScreen
InvalidateRect
CreateDialogParamW
PeekMessageW
SetTimer
LoadImageW
GetClassNameW
UnregisterClassW
IsDialogMessageW
FillRect
LoadStringW
GetClientRect
GetWindowTextW
LoadCursorW
GetClassNameA
GetWindowTextLengthW
CreateWindowExW
EndPaint
SetForegroundWindow
SetCursor
CallWindowProcW
PtInRect
CreateEnvironmentBlock
DestroyEnvironmentBlock
WinHttpGetIEProxyConfigForCurrentUser
InternetReadFile
InternetOpenW
InternetCloseHandle
InternetOpenUrlW
timeEndPeriod
timeGetTime
timeBeginPeriod
getaddrinfo
accept
ioctlsocket
WSAStartup
freeaddrinfo
connect
getsockname
htons
WSASetLastError
WSAGetLastError
gethostname
getsockopt
recv
send
ntohs
select
listen
__WSAFDIsSet
WSACleanup
getpeername
closesocket
setsockopt
socket
bind
recvfrom
sendto
GdipCreateFontFromDC
GdipStringFormatGetGenericDefault
GdipBitmapLockBits
GdipCreateBitmapFromFile
GdipGetGenericFontFamilySansSerif
GdipLoadImageFromStreamICM
GdipDrawImageRect
GdipGetImageHeight
GdipCreateSolidFill
GdipSetSmoothingMode
GdipDeleteStringFormat
GdipMeasureString
GdipRotateWorldTransform
GdipSetImageAttributesColorMatrix
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipCreatePen1
GdipSetStringFormatTrimming
GdipCreatePath
GdipBitmapUnlockBits
GdipGetDC
GdipCreateHBITMAPFromBitmap
GdipCloneFont
GdiplusStartup
GdipCreateRegionPath
GdipSetSolidFillColor
GdipDeleteGraphics
GdipFillRectangleI
GdipFillPath
GdipFillRectangle
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateImageAttributes
GdipCreateFromHDC
GdipLoadImageFromStream
GdipSetClipRegion
GdipDrawRectangle
GdipSetStringFormatAlign
GdipGetSolidFillColor
GdipGetImageWidth
GdipAlloc
GdipTranslateWorldTransform
GdipDrawImageRectI
GdipDrawImageRectRectI
GdipCreateFont
GdipDeletePath
GdipDeletePen
GdipDeleteRegion
GdipCloneBrush
GdipDisposeImageAttributes
GdipAddPathArc
GdipCloneStringFormat
GdipFillEllipse
GdipFree
GdipDrawString
GdipSetStringFormatFlags
GdipDeleteBrush
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdipReleaseDC
GdipGetImageGraphicsContext
GdipSetStringFormatLineAlign
GdipCreateBitmapFromResource
CoInitializeEx
CoUninitialize
CoInitialize
CoTaskMemAlloc
CreateStreamOnHGlobal
CoTaskMemRealloc
CoCreateInstance
CoInitializeSecurity
CoTaskMemFree
CoSetProxyBlanket
PE exports
Number of PE resources by type
PNG 59
RT_STRING 5
RT_DIALOG 4
RT_ICON 3
BN 3
BINDATA 3
RT_VERSION 2
BL 1
RT_MANIFEST 1
B7 1
RT_GROUP_ICON 1
Number of PE resources by language
CHINESE SIMPLIFIED 75
ENGLISH US 8
PE resources
Debug information
ExifTool file metadata
ProductShortName UC Browser
SubsystemVersion 5.1
OfficialBuild 1
InitializedDataSize 49942528
ImageVersion 0.0
ProductName UC Browser
FileVersionNumber 6.1.2909.1213
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0017
CharacterSet Unicode
LinkerVersion 14.0
FileTypeExtension exe
MIMEType application/octet-stream
Subsystem Windows GUI
CompanyShortName UCWeb Inc.
FileVersion 6.1.2909.1213
TimeStamp 2017:06:27 21:43:55+01:00
FileType Win32 EXE
PEType PE32
InternalName mini_installer
ProductVersion 6.1.2909.1213
FileDescription UC Browser
OSVersion 5.1
FileOS Win32
LegalCopyright Copyright 2008-2014 UCWeb Inc. All rights reserved.
MachineType Intel 386 or later, and compatibles
CompanyName UCWeb Inc.
CodeSize 855552
FileSubtype 0
ProductVersionNumber 6.1.2909.1213
LastChange 2056a16a53a08de13b8ac750535ac29b945704b4-master
EntryPoint 0xa9932
ObjectFileType Executable application

Compressed bundles
File identification
MD5 20fcd9b578af0cbdc98adb35d168751b
SHA1 886604a55892242b7bcecb767e54186f1a010d90
SHA256 15c132e43f3072cd6317ff026208bb474315b0c25182b4684917a72e8c9e9dcd
ssdeep 1572864:txbqAu78uejrCr3PLgwWBkPS8pmbskas:LqYTrccwQkP/gb5
authentihash c57d38319a1a306f7187a6c8ed7f7837a97b80ff7ad3ddfaf863d707892528c9
imphash e83e2589947123691b25d3ee56563c6e
File size 48.5 MB ( 50812304 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags peexe signed overlay

VirusTotal metadata
First submission 2017-07-12 00:03:19 UTC ( 1 year, 7 months ago )
Last submission 2017-07-13 13:30:40 UTC ( 1 year, 7 months ago )
File names UCBrowser_V6.1_Offline.exe
mini_installer
UCBrowser_V6.1.2909.1213_windows_pf101_(Build17071115).exe
UCBrowser_V6.1.2909.1213_4601_(Build1707111450)_(en-us).exe