» sdearlydelete.exe
Overview
Analysis
File Details

sdearlydelete.exe

Max Secure Software

The application sdearlydelete.exe by Max Secure Software has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

sdearlydelete.exe

Publisher:

Max Secure Software (signed and verified)

MD5:

2360606e4c9e43d2cf2df1729ead0965

SHA-1:

5568f59aed2ff7c6858d2fb7f482f264f089a2ae

SHA-256:

e1d034f1b254716926b1039c7a50e88b68946a7d30acf70e3dd42e682ca34ce3

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

7/7/2025 8:24:27 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.MaxSecure.Optional.Meta (L)

16.2.22.21

File size:

12.5 KB (12,752 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Windows\System32\sdearlydelete.exe

Digital Signature

Signed by:

Max Secure Software

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

1/25/2008 8:38:31 AM

Valid to:

1/9/2009 8:34:12 AM

Subject:

CN=Max Secure Software, OU=Max Secure Software, O=Max Secure Software, L=Pune, S=MH, C=IN

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

47B878B835A406D31B4C2E17C1097FD7

File PE Metadata

Compilation timestamp:

4/15/2008 6:43:23 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

7.10

CTPH (ssdeep):

192:0dH+i4c8UvQOkUNPc5GWGI5cTJrEyncjWOeyowJL/fFY86gHcqeWC5:lVUxPW3OPnNYJLfFtEWi

Entry address:

0x1C85

Entry point:

55, 8B, EC, 81, EC, F4, 01, 00, 00, 66, 83, A5, 0C, FE, FF, FF, 00, 57, 6A, 7C, 59, 33, C0, 8D, BD, 0E, FE, FF, FF, F3, AB, 66, AB, E8, 3C, 05, 00, 00, 85, C0, 5F, 75, 08, 50, 6A, FF, E8, CE, 05, 00, 00, 68, F4, 01, 00, 00, 8D, 85, 0C, FE, FF, FF, 50, E8, 5A, FE, FF, FF, 85, C0, 75, 0E, E8, 57, 05, 00, 00, 6A, 00, 6A, FF, E8, AB, 05, 00, 00, E8, CA, F6, FF, FF, 8D, 85, 0C, FE, FF, FF, 50, E8, B0, F9, FF, FF, 8D, 85, 0C, FE, FF, FF, 50, E8, 2A, FC, FF, FF, E8, 2C, 05, 00, 00, 6A, 00, 6A, FF, E8, 80, 05, 00... 
[+]

Entropy:

6.5711

Developed / compiled with:

Microsoft Visual C++

Code size:

5.5 KB (5,632 bytes)

Remove sdearlydelete.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.