360Amigo.exe

360Amigo System Speedup

Business Bakers

The application 360Amigo.exe by Business Bakers has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘360Amigo’. This file is typically installed with the program 360Amigo System Speedup PRO by 360Amigo.
Publisher:
360Amigo (signed by Business Bakers)

Product:
360Amigo System Speedup

Version:
1.2.1.7900

MD5:
bccadb71fdb17f763b15c79ab87f2a8d

SHA-1:
c94484b8f063be986b05c51e8454b5ea3bfccdad

SHA-256:
3acabcfa6f9926caa8172058a38f6eb5970532bf62c884657dfab7ed760ea620

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 6:24:22 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Optional.Startup.BusinessBakers.I

Engine version:
14.3.2.10

File size:
4.9 MB (5,156,128 bytes)

Product version:
1.2.1

Copyright:
Copyright(c) 2012 by 360Amigo

Trademarks:
360Amigo

Original file name:
360Amigo.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\360amigo\360amigo.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
8/16/2011 8:00:00 PM

Valid to:
8/16/2012 7:59:59 PM

Subject:
CN=Business Bakers, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Business Bakers, L=Helsinki, S=Helsinki, C=FI

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
08FFDE64490119842E1D0271FB0FE97A

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:dyum388Y1BT4QKnGijTG86ALJbTKoU5Li:dXt9g2IL9TK3Li

Entry address:
0x32DF24

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, 64, D6, 72, 00, E8, 97, 94, CD, FF, B8, 48, E1, 72, 00, E8, C5, BE, D7, FF, E8, 44, F5, FF, FF, E8, E3, F5, FF, FF, E8, 9A, B7, D7, FF, 84, C0, 75, 34, BA, 64, E1, 72, 00, B1, 01, B8, 8C, E1, 72, 00, E8, A5, 2E, CE, FF, 84, C0, 74, 0E, A1, E8, 5C, 74, 00, 8B, 00, E8, 91, BE, D7, FF, EB, 11, A1, E8, 5C, 74, 00, 8B, 00, E8, C3, BD, D7, FF, E8, 9E, 69, CD, FF, B8, 9C, E1, 72, 00, E8, 74, BE, D7, FF, B8, 8C, E1, 72, 00, BA, 64, E1, 72, 00, B1, 01, E8, 67, 2E, CE, FF, 84, C0, 74...
 

Entropy:
6.9721

Developed / compiled with:
Microsoft Visual C++

Code size:
3.2 MB (3,331,072 bytes)

Scheduled Task
Task name:
360Amigo

Trigger:
Logon (Runs on logon)

Action:
360amigo.exe -autorun


Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
360Amigo

Command:
"C:\Program Files\360amigo\360amigo.exe" -autorun


The file 360Amigo.exe has been discovered within the following program.

360Amigo System Speedup is a Windows tool that quickly identifies and fixes problems that result in slow system performance.
www.360amigo.com
56% remove it
 
Powered by Should I Remove It?
