» MyPC Backup.exe
Overview
Analysis
File Details
Behaviors (1)

MyPC Backup.exe

The application MyPC Backup.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a scheduled task under the Windows Task Scheduler named LaunchApp triggered to run every month at a specified time.

File name:

MyPC Backup.exe

Version:

1.0.*

MD5:

69d022b3558de0853bc0191471070618

SHA-1:

79cdb4bbb819b1ad831f9c03308e5abae30562f5

SHA-256:

ab1148e27cc5123613f7db41f3188d281b92c0de06d38a7fc51850e648e18afc

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/20/2024 12:03:13 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.MyPCBackup.Optional.Meta (L)

15.11.29.13

File size:

2.2 MB (2,321,408 bytes)

Product version:

1.0.*

Original file name:

MyPC Backup.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\mypc backup\mypc backup.exe

File PE Metadata

Compilation timestamp:

11/28/2015 7:33:46 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

49152:3tnF+XcU0A+G2d+db+kyE42tkUmRe73UvWW8Bu8XPCuo1kWE7XcU0A+G2d+db+kF:3dsXcU0A+G2d+db+kyE42tkUz73Uv38t

Entry address:

0x1DAA9E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.4641

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

1.8 MB (1,936,384 bytes)

Scheduled Task

Task name:

LaunchApp

Trigger:

Monthly (Runs monthly on Mondays at 7:48 AM)

Remove MyPC Backup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.