English
Analysis MD5: a2c888ce0c65f99347b6611c601f7c96
Analysis of the file classifies it as a class D+ (Suspicious). The file looks suspicious, but it could be a false positive. The trust index of this analysis is 58 % (moderate).
Description
Launcher.exe is part of Uniblue Launcher developed by Uniblue Systems Limited.
| Filename: | Launcher.exe (Uniblue Launcher) |
| Threat analysis: | Suspicious |
| Analysis trust: | |
| Recent activity: |  |
| First seen: | 05 Oct, 2012 |
| Last seen: | 05 Oct, 2012 |
| Last analysis: | 20 Jul, 2018 |
| Possible infection: | Trojan:Win32/Buzus.E |
Launcher.exe Uniblue Launcher
| Application: | Uniblue Launcher |
| Developer: | Uniblue Systems Limited |
| Stability: | |
| File version: | 0.0.0.0 |
| File size: | 751616 bytes (734 KB.) |
| Recent activity: | |
| Historic activity: | |
| CRC32 hash: | 870483170 |
| MD5 hash: | a2c888ce0c65f99347b6611c601f7c96 |
| SHA1 hash: | 0e17c64b0dcebeac9c7be2a123f684efcb7177b1 |
| SHA256 hash: | cd452e1864618834af2c1ad1a15bb8112fe3bfda35318d02e3ceb16fd69d7b51 |
Signature verification
Unsigned
This file has no digital signature. The publisher of this file could not be verified.
File entropy
File entropy match: Encrypted
Parts of this file are encrypted. The reasons might be benign but it makes the analysis more difficult.
Plain Data Text Code Compressed Encrypted RandomFile signature
Executable file
An executable file causes a computer "to perform indicated tasks according to encoded instructions," as opposed to a data file that must be parsed by a program to be meaningful.The determination of a file type is done with a signature or magic-numbers. Files are identified using by comparing the first set of bytes in the file header. Using this method type of files are recognised no matter the extension used. This information is useful to for example recognise executable files cloaked as images or movies.
Malicious code scan
Suspicious code found
Agics makes een analysis of the source code of the file. We look for comparisons with known malicious source code. This is a good way to detect new malicious files which are in fact variations of existing, and known malicious files.
Scan results:
Online virus scanners
Detection ration:
VirusShare.com
Not available on virusshare.com
VirusShare.com is a repository of malware samples to provide security researchers, incident responders, forensic analysts, and the morbidly curious access to samples of live malicious code. Presence of the sample on this site indicates that the file is (Once considered) being malicious.Website: virusshare.com
National Software Reference Library
Not on the nsrl list
The NSRL contains a collection of digital signatures of known, traceable software applications. There are application hash values in the hash set which may be considered malicious, i.e. steganography tools and hacking scripts.Website: www.nsrl.nist.gov
Statistic analysis
Statistic analysis of the file
 | Deviates from other files with the same name (imitation) |
 | FIle version is 0.0.0.0 while other files with the same name also lack a version number |
| No certificate |
| Other files with the same name do have a certificate |
| This is not a common file |
Neural network analysis
Analysis: Suspicious
A neural network is a type of artificial intelligence. It recognized patterns nog clear for a human viewer. Our neural network is surprisingly accurate in recognizing dangerous files. The value below is the predicted chance the file is malicious.
User feedback
Read feedback on this file from other users. Help other users by providing feedback yourself.
Feedback users:
Login Create an account