× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: fd462e3c7b6a789be3fa9e1ecfcf19c2f0c70c560d536ebd3ebe725735b6102f
File name: UCContinue.exe
Detection ratio: 0 / 56
Analysis date: 2016-10-05 23:07:43 UTC ( 2 years, 7 months ago ) View latest
Antivirus Result Update
Ad-Aware 20161005
AegisLab 20161005
AhnLab-V3 20161005
Alibaba 20161003
ALYac 20160930
Antiy-AVL 20161005
Arcabit 20161005
Avast 20161005
AVG 20161005
Avira (no cloud) 20161005
AVware 20161005
Baidu 20161001
BitDefender 20161005
Bkav 20161005
CAT-QuickHeal 20161005
ClamAV 20161005
CMC 20161003
Comodo 20161005
CrowdStrike Falcon (ML) 20160725
Cyren 20161005
DrWeb 20161005
Emsisoft 20161005
ESET-NOD32 20161005
F-Prot 20161005
F-Secure 20161005
Fortinet 20161005
GData 20161005
Ikarus 20161005
Sophos ML 20160928
Jiangmin 20161005
K7AntiVirus 20161005
K7GW 20161005
Kaspersky 20161005
Kingsoft 20161006
Malwarebytes 20161005
McAfee 20161005
McAfee-GW-Edition 20161005
Microsoft 20161005
eScan 20161005
NANO-Antivirus 20161005
nProtect 20161005
Panda 20161005
Qihoo-360 20161006
Rising 20161005
Sophos AV 20161005
SUPERAntiSpyware 20161005
Symantec 20161005
Tencent 20161006
TheHacker 20161005
TrendMicro 20161005
TrendMicro-HouseCall 20161005
VBA32 20161005
VIPRE 20161005
ViRobot 20161005
Yandex 20161005
Zillya 20161003
Zoner 20161005
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright © Microsoft 2012

Product UCContinue
Original name UCContinue.exe
Internal name UCContinue.exe
File version 1.0.0.0
Description UCContinue
Signature verification Signed file, verified signature
Signing date 1:52 AM 5/15/2015
Signers
[+] LG Electronics Inc.
Status Valid
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 1:00 AM 7/30/2014
Valid to 12:59 AM 9/28/2017
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint F44A2967222909B8D97B731C83B762271919EEE5
Serial number 4B AD 88 26 59 09 F2 9E B7 82 71 57 95 4A 75 A5
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] Symantec Time Stamping Services Signer - G4
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 1:00 AM 10/18/2012
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4
Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 1:00 AM 1/1/1997
Valid to 12:59 AM 1/1/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-05-14 08:43:08
Entry Point 0x000533CE
Number of sections 3
.NET details
Module Version ID f6ac49d9-e76a-4968-a2ef-be99b21f4ca4
PE sections
Overlays
MD5 400db55f413beabaa1cf1e33fb65da97
File type data
Offset 623616
Size 7696
Entropy 7.35
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 5
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 8
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
11.0

ImageVersion
0.0

ProductName
UCContinue

FileVersionNumber
1.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
UCContinue

CharacterSet
Unicode

InitializedDataSize
290304

FileTypeExtension
exe

OriginalFileName
UCContinue.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0.0.0

TimeStamp
2015:05:14 09:43:08+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
UCContinue.exe

ProductVersion
1.0.0.0

SubsystemVersion
6.0

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright Microsoft 2012

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft

CodeSize
332800

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x533ce

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 704df86a3637b8886540983118bd304b
SHA1 cf4c673a1191833421d37bd820f79a9a115e4c04
SHA256 fd462e3c7b6a789be3fa9e1ecfcf19c2f0c70c560d536ebd3ebe725735b6102f
ssdeep
3072:1D+ELlMMMMMMMMMMMMMMMMMMMMMMMMxXmZJFC52vOhw3UWdbCsrlp38w4cF4UXen:1KEGAK3O9bGAK3e

authentihash f89d66e7c7c30801d9475e98807b96b7bceea5072037efb9ada941fbd3b6cc5a
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 616.5 KB ( 631312 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags
peexe assembly signed overlay

VirusTotal metadata
First submission 2015-05-19 16:30:06 UTC ( 4 years ago )
Last submission 2016-10-09 02:08:50 UTC ( 2 years, 7 months ago )
File names cf4c673a1191833421d37bd820f79a9a115e4c04.exe
uccontinue.exe
13.exe
UCContinue.exe
UCContinue.exe
vt-upload-WEhbqt
UCContinue.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!