» AKDeInstall.exe
Overview
Analysis
File Details
Behaviors (1)

AKDeInstall.exe

DeInstall

AKApplications e.K.

This is the uninstaller utility registered in the Windows Control Panel for the program Z-DBackup by IMU Andreas Baumann.

File name:

AKDeInstall.exe

Publisher:

AKApplications e.K. (signed and verified)

Product:

DeInstall

Description:

DeInstaller

Version:

4.2.1

MD5:

6202796a69796bb07619196ae9ae4006

SHA-1:

297704b25a6bc3551612183c1b21a76a61966ba0

SHA-256:

1d9c5634c7d673375f8c1ae598d94af3bd1b73f160353ecf13337d784cdef6c2

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/19/2024 4:41:26 AM UTC (today)

Scan engine

Detection

Engine version

NANO AntiVirus

Trojan.Win32.Siggen5.cxfrbr

0.28.0.60253

Trend Micro House Call

Suspicious_GEN.F47V0616

7.2.174

File size:

182.9 KB (187,256 bytes)

Product version:

4.2.1

Original file name:

AKDeInstall.exe

File type:

Executable application (Win32 EXE)

Language:

German (Germany)

Common path:

C:\Program Files\z-dbackup\{f2da54f3-f7fb-4ae8-9b33-bea5391e4a03}\akdeinstall.exe

Digital Signature

Signed by:

AKApplications e.K.

Authority:

DigiCert Inc

Valid from:

12/10/2013 12:00:00 AM

Valid to:

4/13/2017 1:00:00 PM

Subject:

CN=AKApplications e.K., O=AKApplications e.K., L=Hamburg, C=DE, PostalCode=22767, STREET=Gerritstraße 14, SERIALNUMBER=HRA 115662, OID.1.3.6.1.4.1.311.60.2.1.2=Hamburg, OID.1.3.6.1.4.1.311.60.2.1.3=DE, OID.2.5.4.15=Private Organization

Issuer:

CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0C44F8C00D7FAEF31FAB20A802D640E4

File PE Metadata

Compilation timestamp:

3/28/2014 11:45:42 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:iqdR7s6CmSa78iuoXdBFV7gK5RSjQ4x9dKgv7WF3IEVNsycGTIK+JID8:hM6CmiiuoXRVEKSdv73wNsny0v

Entry address:

0x1AA0A

Entry point:

55, 8B, EC, 6A, FF, 68, 08, 3D, 40, 00, 68, 6E, AB, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, A0, 15, 40, 00, 59, 83, 0D, EC, 2A, 43, 00, FF, 83, 0D, F0, 2A, 43, 00, FF, FF, 15, A4, 15, 40, 00, 8B, 0D, E0, 2A, 43, 00, 89, 08, FF, 15, A8, 15, 40, 00, 8B, 0D, DC, 2A, 43, 00, 89, 08, A1, AC, 15, 40, 00, 8B, 00, A3, E8, 2A, 43, 00, E8, D3, 91, FF, FF, 39, 1D, E8, 80, 40, 00, 75, 0C, 68, 9E, AB, 41, 00, FF, 15, B0, 15... 
[+]

Entropy:

6.0709

Developed / compiled with:

Microsoft Visual C++ v6.0

Program Uninstaller

Program name:

Z-DBackup

Display publisher:

IMU Andreas Baumann

Display version:

6.0.0.13

Uninstall string:

C:\Program Files\Z-DBackup\{F2DA54F3-F7FB-4AE8-9B33-BEA5391E4A03}\AKDeInstall.exe /x

Scan AKDeInstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.