» closeallx64.exe
Overview
Analysis
File Details

closeallx64.exe

Max Registry Cleaner

Max Secure Software India Pvt. Ltd.

The application closeallx64.exe, “Close All applications” by Max Secure Software India Pvt has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

closeallx64.exe

Publisher:

Max Secure Software (signed by Max Secure Software India Pvt. Ltd.)

Product:

Max Registry Cleaner

Description:

Close All applications

Version:

1, 0, 0, 30

MD5:

16e6086aa013405e30773ca922a4bbde

SHA-1:

896f6443837760c20eaed155fb8b8729588f0aab

SHA-256:

5b9292062c2d8318011dc0a0eece0f2fe538d40c4c64392271f27dd88f455c40

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

5/3/2024 8:52:46 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.MaxSecure.Optional (L)

16.7.31.9

File size:

729.9 KB (747,392 bytes)

Product version:

1, 0, 0, 30

Original file name:

CloseAll.exe

File type:

Executable application (Win64 EXE)

Language:

English (United States)

Common path:

C:\Program Files\max registry cleaner\closeallx64.exe

Digital Signature

Signed by:

Max Secure Software India Pvt. Ltd.

Authority:

GlobalSign nv-sa

Valid from:

7/3/2008 4:39:02 AM

Valid to:

7/3/2009 4:39:02 AM

Subject:

E=tech@maxpcsecure.com, CN=Max Secure Software India Pvt. Ltd., O=Max Secure Software India Pvt. Ltd., C=IN

Issuer:

CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:

0100000000011AE8B8038D

File PE Metadata

Compilation timestamp:

2/12/2009 9:07:02 PM

OS version:

4.0

OS bitness:

Win64

Subsystem:

Windows Console

Linker version:

8.0

CTPH (ssdeep):

12288:KowUy3hhUI/q9rnBsUXsbP7ESQMk94+9mFS:9wU+h/q97BsU7MkKJS

Entry address:

0x2B290

Entry point:

48, 83, EC, 28, E8, 27, 62, 00, 00, 48, 83, C4, 28, E9, 3E, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 48, 83, EC, 28, 48, 89, 5C, 24, 30, 49, 8B, 59, 38, 48, 89, 6C, 24, 38, 48, 89, 74, 24, 40, 48, 8B, F2, 48, 89, 7C, 24, 48, 48, 8B, E9, 4C, 89, 64, 24, 20, 4D, 8B, E0, 4C, 8D, 43, 04, 49, 8B, D1, 48, 8B, CE, 49, 8B, F9, E8, B4, 2C, 00, 00, F6, 45, 04, 66, 44, 8B, 5B, 04, 48, 8B, 5C, 24, 30, 75, 06, 41, 83, E3, 01, EB, 04, 41, 83, E3, 02, 45, 85, DB, 74, 13, 4C, 8B, CF, 4D, 8B, C4... 
[+]

Entropy:

5.8183

Code size:

410.5 KB (420,352 bytes)

Remove closeallx64.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.