GridinSoft Threat Intelligence

AMD_Radeon-648975.exe threat report

Detected as PUP.uBar File reputation report
MD5 9876af126ae32c0398d75f9eb709ce4d
Latest seen 2024-09-17 23:00:53 (2 years ago)
First seen 2018-06-21 10:07:12 (7 years ago)
Size 2 MB
Publisher uBar
Product uBar
Signed by IP Iaroslavskii Anton Andreevich

GridinSoft Anti-Malware detection

Detected by GridinSoft before you download

The current ThreatInfo record shows this exact file hash detected as PUP.uBar. Download GridinSoft Anti-Malware to scan the device, confirm whether this file is present, and remove the detected object if it is found.

Detection name
PUP.uBar
Recommended action
Scan and remove
Last analysis
2024-09-17 23:00:53 (2 years ago)
File hash
9876af126ae32c0398d75f9eb709ce4d
Download Anti-Malware

Why it matters

Why GridinSoft flags this file

Detection

GridinSoft identifies the sample as PUP.uBar.

Timeline

First seen 2018-06-21 10:07:12 (7 years ago); latest analysis 2024-09-17 23:00:53 (2 years ago).

Publisher context

Company metadata: uBar. Product metadata: uBar.

Digital signature

Signed by IP Iaroslavskii Anton Andreevich. The signature is reported as valid, but signed files can still be bundled or abused.

Aliases

This hash has appeared under multiple file names, which can happen with repackaging, bundling, or deliberate renaming.

Observed locations

ThreatInfo has seen this file in user or system paths listed below. Unexpected locations increase the need for local verification.

Recommended action

What to do next

  1. Compare the MD5 above with the file found on the device.
  2. Check whether the file appears in the observed locations or under one of the alternate names.
  3. Run GridinSoft Anti-Malware to confirm the detection and remove the file if it is present.

File context

AMD_Radeon-648975.exe is a Windows file recorded in the ThreatInfo database. It is associated with uBar. The reported company name is uBar. The current detection status is PUP.uBar, based on the latest analysis from 2024-09-17 23:00:53 (2 years ago).

If AMD_Radeon-648975.exe appears on your computer unexpectedly, treat it as suspicious. Check its location, digital signature, and recent system changes before allowing it to run. A full anti-malware scan is recommended when this file is detected as PUP.uBar.

File Details

Product Name: uBar
Company Name: uBar
MD5: 9876af126ae32c0398d75f9eb709ce4d
Size: 2 MB
First Published: 2018-06-21 10:07:12 (7 years ago)
Latest Published: 2024-09-17 23:00:53 (2 years ago)
Status: PUP.uBar (on last analysis)
Analysis Date: 2024-09-17 23:00:53 (2 years ago)

Detection screenshot

AMD_Radeon-648975.exe detection screenshot

The screenshot is a visual record of a GridinSoft Anti-Malware detection for this sample. Use the hash and metadata above as the primary identifiers when comparing the file on your system.

Overview

Signed By: IP Iaroslavskii Anton Andreevich
Status: Valid

The signature on AMD_Radeon-648975.exe is reported as valid. A valid signature helps confirm publisher identity, but it does not automatically make the file safe if the installer was bundled, abused, or downloaded from an untrusted source.

Common Places:

%sysdrive%\для новых
%profile%
%sysdrive%\$recycle.bin
%sysdrive%\frome\myprogram
%sysdrive%\installs\inst\ms
%sysdrive%\mydoc
%profile%\downloads
%desktop%
%sysdrive%
%localappdata%\packages\microsoft.skypeapp_kzf8qxf38zg5c

ThreatInfo has observed AMD_Radeon-648975.exe in the locations listed above. Files found in temporary folders, user profile folders, startup locations, or unusual application directories should be reviewed more carefully than files installed under a known program directory.

File Names:

311 observed names
Gamm.3.2.15_key.rar-711668.exe Gamm.3.2.15_key.rar-711668 (1).exe CCleaner-670041.exe CCleaner-670041 (2).exe CCleaner-670041 (1).exe CCleaner-670041 (4).exe CCleaner-670041 (3).exe MAGIX_Samplitude_Music_Studio_14-624790.exe Mass_Effect-753105.exe Hide_My_IP-652118 (1).exe re-loader_activator-342839.exe WinRAR-x64-241408.exe CCleaner_Free-670041.exe SHunter4.rar-30094.exe KMPlayer-625451.exe $R5ANRVW.exe MSIAfterburnerSetup.zip-771368 (1).exe MSIAfterburnerSetup.zip-771368 (3).exe MSIAfterburnerSetup.zip-771368 (4).exe MSIAfterburnerSetup.zip-771368 (2).exe Gamm.4.0.2_key.rar-769337.exe Kerish_Doctor.2018.rar-697058.exe Microsoft_PowerPoint_2016-649260.exe Rusik_Mad_Games_Tycoon-387213.exe $R004DUW.exe GTA_Grand_Theft_Auto_San_Andreas_(2005)-780998.exe Acapela.Alyona.zip-749099.exe Balabolka.rar-749094.exe Garena_Install-152765.exe uTorrent-670039.exe daa6c5b4-138d-4282-b954-bc85750afc20.tmp Re-Loader-523692 (1).exe Re-Loader-523692.exe c5379689-4546-4c01-88e7-fa938961e76a.tmp Bandicam-4.2.1.137-765843.exe Adobe_Photoshop_CS6_(2014)_PC-740187.exe Dead_Rising_3_-_Apocalypse_Edition_(2014)_PC_RePack_by_xatab-758908.exe Raft_v1.02-319438.exe Get_uBar-624155.exe Free_Photo_Viewer-651505.exe Get_uBar-8104.exe Savefrom.net-765887 (1).exe Origin.exe-669276.exe The_Sims_3_The_Complete_Collection_v1.67.2.024017-609572.exe Microsoft_Word_2007-649250.exe Microsoft_Word_2007-632722.exe Dead_Island_(2011)-739901.exe Microsoft_Word_2007-649250 (1).exe Savefrom.net-765887.exe Home_Sweet_Home-508806.exe Windows_Live_Photo_Gallery-623925.exe Victoria_HDD-542848.exe $RLILBDE.exe Get_uBar-7870.exe Klyuchi_kis-171541.exe Origin_(EA_Games)-756867.exe $R9YKG0V.exe FloorPlan_3D_v11-262951.exe UltraISO-746649.exe reg-organizer-setup.exe-843629.exe $R80KHJ0.exe $RY72AS5.exe $RNVBNKG.exe Sneak_Thief_v0.98-360917.exe soundboostersetup.exe-228364.exe $RL3RRDV.exe av-voice-changer-diamond-8_0_24.zip-233054.exe Feed_and_Grow_Fish_v0.9.0a1-202238.exe Paragon_Migrate_OS_to_SSD-624604.exe Sony_Vegas_Pro_13.0_Build_453_x64_RePack_by_Dak-2.torrent-734891.exe WinRAR-809330.exe Mad_Father-486683.exe Mad_Father-486683 (1).exe PUBG-786198.exe VkHacker.zip-810145 (1).exe Imagine_Dragons_-_Evolve_[Deluxe_Edition]_(2017)_MP3-856750.exe Microsoft_OneNote_2016-650620.exe Microsoft_Visio_2016-649263.exe Total-Commander_9.20.rar-796468.exe kmsauto_lite_v1.3.1-342766.exe Microsoft_Visio_2010-127949.exe Bandicam_2018-765843.exe Loaris_Trojan_Remover_3.0.49-861919.exe CCleaner.5_key.rar-29919.exe Handy_Recovery_v5.5ru.rar-32255.exe kerish_keys_new-219779.exe Injustice_2-800241.exe Two_Worlds_2-821014.exe Happy_Wheels_Full_v1.70-264119.exe CarX_Drift_Racing_Online_v1.4.5-224434.exe $R0BIVGO.exe Hot-Virtual-Keyboard-8.2.3.0.zip-156258.exe CCleaner_Professional_5.44.6575-766107.exe CCleaner_Professional_5.44.6575-766107 (1).exe Nox_App_Player_6.2.0.0-762585.exe [catorrent.org]_catorrent_org-metal-gear-solid-the-twin-snakes-ntsceng.torrent-613900.exe Microsoft_Publisher_2016-626683.exe Minecraft-19200.exe NVIDIA_Inspector-654865.exe $RD42POI.exe Microsoft_Office_2010-649259.exe Raft-786769.exe Rusik_Castle_Story_v1.1.6-607474.exe NIS_Keys-553658.exe GTA_San_Andreas-463323.exe AdwCleaner-v5.026.zip-892442 (2).exe AdwCleaner-v5.026.zip-892442 (1).exe AdwCleaner-v5.026.zip-892442.exe Microsoft_Word_2010-649238.exe Adobe_Flash_Player-624309.exe Alcohol_120_RePack_by_KpoJIuK-886315.exe Alcohol_120_RePack_by_KpoJIuK-886315 (1).exe Metro_Last_Light_Redux-471849.exe Kerbal_Space_Program_v1.4.4-206570.exe Sony_Vegas_Pro-624772.exe clonedvd-7-ultimate-7_0_0_11.zip-247515.exe FB2_Reader-627980.exe Serious_Sam_4_Planet_Badass-786203.exe Driver_FLY fs451.exe FIFA_18_Demo-531723.exe Minecraft_Windows_10_Edition-632746.exe fraps-3_5_99-build-15618.zip-232067.exe S7Reflex.wal-501187.exe McDs_Modern_Mix-cgxL.ufile-501183.exe Sony_Media_Tower.wal-501186.exe Windows_Store-623999.exe Sonic_Mania_Plus-854695.exe Nox_App_Player_6.2.0.1-762585.exe Oscar_Editor-796708.exe Destiny_2-429633.exe _-875774 (1).exe _-875774.exe Stardew_Valley_v1.3.23-241654.exe Farming_Simulator_17_Platinum_Edition_1.5.3.1-264120.exe hitmanpro37_patch-130556.exe Windows_10_64bit_home.iso-906704.exe Luxor_Super_Pack_(2014)-886569.exe luxorbundlepack.exe-886577.exe Luxor_Super_Pack-860397.exe Aero_SWF.max-v1.6.868.zip-207400.exe winamp5666_full_all_redux.exe-567155.exe Darksiders_3-786203.exe Freemake_Video_Converter-667492.exe Freemake_Video_Converter-667492.exe.quarantined Alice_Greenfingers_1_and_2-845753.exe H2testw-918367.exe pro_utorrent_and_crack-129092.exe download-82129.exe kmsauto_net_2017_portable-342939.exe KMSAuto-Net-2018-v1.4.7-Portable.zip-901078.exe Arma_3_Apex_Edition_Tanks-244367.exe KMSAuto_2018-918284 (1).exe KMSAuto_2018-918284.exe $RJCEQS1.exe in_vid-10.exe-531600 (1).exe in_vid-10.exe-531600.exe Microsoft_Word_2016-649227.exe slycontrolrus.zip-687741.exe Reimage-PC-Repair-1.8.4.9.zip-849414.exe physxloader.dll-633731.exe UC_Browser-918296.exe Crossout-563365 (1).exe artmoney801rus32.exe-425050.exe IP-TV_Player-730126.exe NetBalancer.9.1.1.zip-148489.exe Driver_Zalman_ZM-K200M_Black_USB-723871.exe Microsoft_Word_2016-127940.exe Karaoke_5-652061.exe Karaoke_GALAXY_player-651208.exe kerish.doctor.2018.v4.70.repack-699657.exe avast-premier-do-14.03.2050g-129276.exe $RYIQ90D.exe Assassin_s_Creed_Origins-578734.exe Assassins-Creed-Origins-by-xatab.torrent-638583.exe Mass_Effect_2-472123.exe PlayerUnknown_s_Battlegrounds_2017-438443.exe Auto-Clicker-Polar.exe-448699.exe HP_Support_Assistant-648758.exe _KeyMaker_Bandicam-774564.exe SCP_Containment_Breach_Unity_Remake_v0.5.8.2-894753.exe ytdsetup-178677.exe Plants_vs._Zombies_Garden_Warfare_2_(2016)-263714.exe Hello_Neighbor-559730.exe $RRYID96.exe Fight_Night_Round_4_(PC)-15853.exe TheSims4.torrent-492180.exe Microsoft_Excel_2010-649258.exe uTorrent-670039 (1).exe kmsauto.lite_.portable-523797.exe AvastClear-630396.exe KMSAuto-Net-2016-v1.4.7-Portable.zip-585511.exe Kingston_Format_Utility-652792.exe Loaris_Trojan_Remover_[3.0.57]__RePack-851527 (3).exe Mashinky_v12.08.2018-201622.exe Mashinky_v12.08.2018_[Steam_Early_Access]-930428.exe Terraria-380739(1).exe patch-155858.exe OriginSetup-809757.exe WinRAR_5_6_key.zip-765105.exe Microsoft_Office_2010-580606.exe widi_recognition_system_professional_4_3.zip-232132.exe WIDI_Recognition_System_Pro.zip-149762.exe Acronis.Disk.Director.v12.0.3297-RUS.rar-37527.exe Microsoft.Fixit.v4.3.Portable.zip-759871.exe Microsoft_Word_2003-127975.exe $R43FGN5.exe $RE23BPQ.exe $RYXK7AC.exe WinRaR_Crack-853119 (2).exe Clash_of_Clans_-253748.exe Plants_vs_Zombies_2_(PC)-2785.exe Monopoly_Tycoon-835978.exe Get_uBar-300946 (1).exe Sims_2-844460.exe Paint_3D-652254.exe A0009132.exe Flash_Memory_Toolkit_2.01-44206.exe Microsoft_Excel_2016-649253.exe 9136D97F-D6E8-ED7A-A903-A541DFD64EFF_1d4325a30e54c52 kmsautonet_2016_1_4_7.zip-670120.exe FixWin-651488.exe Hurtworld_v0.5.9.0-211467.exe Killing_Floor_2_Digital_Deluxe_Edition_v1068-482702.exe Word_2007-556772.exe Dead_Space_3-931304.exe Dead_Space_3-931304 (1).exe Word_2007-127945.exe Steam-633871.exe Mjpes_patch_2018_[Pro_Evolution_Soccer_2018]_(1.0)_(2017)-874663.exe Terraria-380739.exe The_Sims_4-492180.exe Get_uBar-190554.exe Sims_4-597278.exe Msvcp120.dll-633000.exe Ravenfield_Build_10-217326.exe GIBZ_v02.07.2018-936919.exe Nero_10-481288.exe SolidWorks_-851981.exe Microsoft_Publisher_2010-649249.exe Microsoft_Publisher_2007-128384.exe $RSXRKWQ.exe Wordpad-464047.exe Kingsoft_Office_Free-645611.exe pdfmaker-bgN3.ufile-263865.exe Realtek_HD-623850.exe Zuma_Deluxe-14823.exe Get_uBar-16616.exe Grand_Theft_Auto_5_Online-722148.exe DjVu_Reader-19849.exe $R7Y6U3R.exe activator_adguard.-449824.exe Patapon_(2007)-874081.exe Spider-Man_Web_of_Shadows_(2008)-873177.exe Patapon_2_(2009)-869506.exe BlazBlue_Calamity_Trigger_Portable_(2010)-873818.exe KISRegKey-171445.exe CheckDisk-464508.exe Color_Lines_98-3396.exe $RSXNVBC.exe $R2QETGM.exe Adobe_Photoshop_CC_Russian-445957.exe Origin_(EA_Games)-756867 (1).exe PGWARE-GameGain.zip-166068.exe Navitel-595322.exe Microsoft_Excel_Word_PowerPoint_2013_RePack_by_D!akov_x32bit_x64bit_(2014)_Ukr_Rus-742006.exe Total_Tank_Simulator_v0.5-892609.exe Origin-649119.exe Adguard-649781.exe AIMP-693972.exe Steam-679374.exe VIA_HD_Audio-652751.exe 360_Internet_Security_2018-654072.exe Divx_Player-657660.exe ESET_NOD32-657401.exe FastStone_Image_Viewer-651626.exe Microsoft_.NET_Framework_4.5-648703.exe ALLPlayer-684271.exe High_Definition_Audio_Driver-651936.exe Windows_10_Manager-648575.exe HP_Support_Assistant-657548.exe AusLogics_BoostSpeed-648789.exe Download_Master-666455.exe Adobe_Acrobat_Reader-649131.exe Avast!_Premier_2018-654717.exe DirectX_10-651475.exe TeamViewer-657476.exe AIMP_4-648366.exe Microsoft_Office_2017-648095.exe Bug_head_Emperor-675453.exe Directx_12-648262.exe DAEMON_Tools-648147.exe uTorrent-651322.exe Word_2017-648131.exe Windows_10_Creators_Update-649089.exe PotPlayer-667922.exe DriverMax-651509.exe KMPlayer-648644.exe Glary_Utilities-661440.exe BitTorrent-659345.exe Microsoft_PowerPoint-649294.exe Avant_Browser-649795.exe AVS_Media_Player-684340.exe KMPlayer-661693.exe Avast!_Browser_Cleanup-782642.exe NVIDIA_GeForce-649090.exe DriverPack_Solution-649148.exe uPlay-699516.exe Microsoft_Excel-650049.exe Opera_2018-657125.exe Unlocker-649034.exe AMD_Radeon-648975.exe

This hash has been seen with multiple file names. Alternate names can appear when software is updated, copied between folders, packed by an installer, or deliberately renamed to avoid recognition. Compare the exact MD5 above before assuming two names refer to the same file.

Geographic signal

Observed country distribution

ThreatInfo has seen AMD_Radeon-648975.exe across 13 countries. Use this signal to compare local evidence with where the sample is most often reported.

Top country Russian Federation
Share 67.0%
Low High activity

The strongest geographic signal for this file is Russian Federation with 67.0% of observed hits. Geographic distribution can help identify targeted campaigns, regional software bundles, or where a file is most commonly reported.

OS Version:

Windows 10 55.1%
Windows 7 23.0%
Windows 8.1 18.4%
Windows 8 2.2%
Windows XP 1.1%
Windows Embedded 8.1 0.2%

The most common operating system signal for AMD_Radeon-648975.exe is Windows 10 with 55.1% of observed hits. If your system differs from the common profile, check whether the file was introduced by a specific installer, archive, or removable device.

Analysis

AMD_Radeon-648975.exe is identified as pe for 32-bit systems. The subsystem is Windows GUI. PE header values are useful for triage, especially when they do not match the expected publisher, product, or release timeline.

Format pe
Architecture 32-bit
Subsystem Windows GUI
Entry point 0x007fa640
Image base 0x00400000

PE Sections:

Sections 3
Raw data 2346496

Section layout highlights raw-size concentration, repeated names, packer markers, and hashes that can be compared across related samples.

UPX0 0 bytes · 0.0% of section data
Packer marker Uncommon name
MD5 00000000000000000000000000000000
UPX1 2307072 bytes · 98.3% of section data
Packer marker Uncommon name
MD5 3b467a5eb9c0d83f610c7546c0624701
.rsrc 39424 bytes · 1.7% of section data
MD5 487c5f5a7fdbce25a4ee49bdf28f2fd9

PE section names and hashes can reveal packing, injected resources, or unusual build artifacts. Sections with uncommon names, very large raw data, or hashes that differ from a trusted copy deserve additional review.

Report conclusion

GridinSoft detects this file as PUP.uBar

This report identifies AMD_Radeon-648975.exe by MD5 9876af126ae32c0398d75f9eb709ce4d. If the same file is present on your device, scan the system and remove the detected object after confirming the hash and location.

Download GridinSoft Anti-Malware Scan the device and confirm whether this exact hash is present. Check this hash on VirusTotal

Recommended next steps

  • Compare the local file MD5 with 9876af126ae32c0398d75f9eb709ce4d.
  • Check the file path, publisher, and signature against the details in this report.
  • Run a GridinSoft scan and remove the object if the same hash is found.