Reason Labs

ucservice.exe

UCBrowser Service

TAOBAO (CHINA) SOFTWARE CO.,LTD.

The application ucservice.exe by TAOBAO (CHINA) SOFTWARE CO.,LTD has been detected as PUP.Taobao. It runs as a separate (within the context of its own process) windows Service named “UC Browser Service”.
Publisher:
UCWeb Inc.  (signed by TAOBAO (CHINA) SOFTWARE CO.,LTD.)

Product:
UCBrowser Service

Version:
1.0.0.0

MD5:
8044ef0d30fcb3e2bc099a867fdbb56b

SHA-1:
474e621c99c5b7b0dc292d9fe24b72708d94d046

SHA-256:
22bc525af9a07c78a29014b3515542660a2020698cce8df5b59e0affbe059d5b

Detection:
PUP.Taobao

Risk:
Low

Analysis date:
10/19/2018 4:31:12 AM UTC  (today)

File size:
691.3 KB (707,927 bytes)

Product version:
1.0.0.0

Copyright:
Copyright 2008-2014 UCWeb Inc. All rights reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\ucbrowser\application\ucservice.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
6/16/2016 5:00:00 AM

Valid to:
7/15/2018 4:59:59 AM

Subject:
CN="TAOBAO (CHINA) SOFTWARE CO.,LTD.", OU=RDC, O="TAOBAO (CHINA) SOFTWARE CO.,LTD.", L=Hangzhou, S=Zhejiang, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
780A0032A6CE7D0B5D5452F5CDE520DC

File PE Metadata
Compilation timestamp:
2/21/2017 12:24:52 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
14.0

Entry address:
0x5A743

Entry point:
E9, A9, EA, 01, 00, E9, 7A, FE, FF, FF, 55, 8B, EC, 6A, 00, FF, 15, EC, B2, 47, 00, FF, 75, 08, FF, 15, 10, B3, 47, 00, 68, 09, 04, 00, C0, FF, 15, 38, B1, 47, 00, 50, FF, 15, 3C, B1, 47, 00, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, FB, F3, 01, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, C8, 43, 49, 00, 89, 0D, C4, 43, 49, 00, 89, 15, C0, 43, 49, 00, 89, 1D, BC, 43, 49, 00, 89, 35, B8, 43, 49, 00, 89, 3D, B4, 43, 49, 00, 66, 8C, 15, E0, 43, 49, 00, 66, 8C, 0D, D4, 43, 49, 00, 66, 8C, 1D, B0...
 
[+]

Entropy:
6.9875

Packer / compiler:
Xtreme-Protector v1.05

Characteristics:
0x258

Code size:
486 KB (497,664 bytes)

Properties
Services:
UCBrowserSvc

Service
Display name:
UC Browser Service

Service name:
UCBrowserSvc

Description:
UC Browser Service is used for acceleration at startup and web security. Recommend to enable the service for better experience.

Type:
Win32OwnProcess


ucservice.exe is installed together with the following files.

Clean
molt_tool.exe  (3180e37c461452dfd7df92c8cb4e27d1e8204637)

PUP.Taobao
UCBrowser.exe  6.1.2015.1007  (942ff4ead5d43172001de2c5adbcd4f164ff3c4c)

PUP.Taobao
uninstall.exe  6.1.2015.1007  (a277eab659b30ca61bc4f975db74bcf4a070880d)

Clean
update_task.exe  1.0.0.8  (aa917b74c22bd9914c53725d70d70d84eb195942)

Clean
wow_helper.exe  (9bf35d0bbfb966ec745419e378579a4d80b9f544)

There are numerous known versions of ucservice.exe by UCWeb Inc..

PUP.Taobao
ucservice.exe  1.0.0.0  (63a42205803bf1467d17da4675be363bf2bf5023)

PUP.Taobao
ucservice.exe  1.0.0.0  (bb7bf8f653f13041fd268c9a6f721ccd54300119)

PUP.Taobao
ucservice.exe  1.0.0.0  (006e35e04fe12b478e84a8878a023a43c39059f3)

PUP.Taobao
ucservice.exe  1.0.0.0  (49fe1bf0888a15c025de0bae0303b36edc30896d)

PUP.Taobao
ucservice.exe  1.0.0.0  (ebc1c854654ed8f38ea4c2de9afb417a2ae8f1d6)

PUP.Taobao
ucservice.exe  1.0.0.0  (2f8ebcd30e937b1891229f73df4cfcd5421f7284)

PUP.Taobao
ucservice.exe  1.0.0.0  (e9162ed46ce0accc58a9bd030d44a068729ac6bb)

PUP.Taobao
ucservice.exe  1.0.0.0  (8182c14949ac36b9e3666fbb252a84f39290a56c)

PUP.Taobao
ucservice.exe  1.0.0.0  (b1fefc9dd5c58bacdb6c3e60d34e81005210f588)

PUP.Taobao
ucservice.exe  1.0.0.0  (879354d27ff36962a40f92f30790d6142be9c132)

PUP.Taobao
ucservice.exe  1.0.0.0  (52760dc1d23e7a64667b6f9bb31ae1386e8e376e)

PUP.Taobao
ucservice.exe  1.0.0.0  (bb9c93728ffda96a179f30aa8499311ded737df4)

PUP.Taobao
ucservice.exe  1.0.0.0  (4399e9f3c488f9572c668dd61188c9319a29cc06)

PUP.Taobao
ucservice.exe  1.0.0.0  (c49362a724a866cf14d49214aae85a75f2c8e4ea)

PUP.Taobao
ucservice.exe  1.0.0.0  (4ae8ff9854774e19a41bae44c6bd04be73e1cd29)

Clean
new_ucservice.exe  (8839c31b762eaac851795f786b84009c151f30b7)

Clean
tmp000000be7e55e4542d719418  (a129bbf606d390df5e4eba419bf1a60b2fa28c5c)

Clean
tmp0000001cbc042033783d53b3  (117cb2f2dbc539d744aa0be92d5fd58bb8e813cf)

PUP.Taobao
tmp00000017a42620253761a621  (c48b7b6e7360a3dac6ffa1a9dcd14d7f904aac1d)

Clean
tmp0000203f3f496a2cf1412ad2  (a061afe8aca4ce649f62af3c729a59ca873e897a)

PUP.Taobao
silverlight_x64.exe.td  (b12e05c5a9c491805d86984c19c90fe890dd5b4d)

Clean
tmp000000051ca2152bb72ccb70  (c972899f2c088df3018f8792019b0e717aef479e)

Clean
tmp0000000cdc31d7b60492ae51  (23331a57a268dda1f224707e8031956c850c4c8b)

Clean
localized_english_pakuo00.pk3  (de6b28bd536bfdc5a8c70e50cc029e133a5fc982)

PUP.Taobao.TAOBAOCH
tmp00000021b2f4858cf8e96fed  (880647b49a95607ce51ba5d089b2cdc04f35d119)

PUP.Taobao.TAOBAOCH
tmp00000039eaac3cc77be3b156  (65560210ac7e3f38256868a46e4f32b23c7dcc84)

PUP.Taobao
unp13401646.tmp  (fe251c571a6856607c38d3d51e6d6c3fdccd6cf6)

PUP.Taobao
04 love theme music - www.downloadming.com.mp3.td  (61e6eaf539efcffa097508536c48786f08911058)

PUP.Taobao
unp24141808.tmp  (59ee7f786c76be5db0cb381f93ab96adbdfb05cf)

PUP.Taobao
ucservice.exe  (36e8cfbe22ee13e7082c5ecb059843cb174115e0)

PUP.Taobao
unp63874845.tmp  (6c47d22ca613622c1e81f55b87810442c2759b83)

Download Reason Core Security - Powerful anti-malware software