» uninst.exe
Overview
Analysis
File Details
Behaviors (1)

uninst.exe

Radar Sync

RadarSync

The executable uninst.exe, “Radar Sync Installation Package” has been detected as malware by 1 anti-virus scanner. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is the uninstaller utility registered in the Windows Control Panel for the program RadarSync PC Updater 2011 by RadarSync Ltd.

File name:

uninst.exe

Publisher:

RadarSync (signed and verified)

Product:

Radar Sync

Description:

Radar Sync Installation Package

Version:

3.7.0.5

MD5:

d258bc7d0a8b0083d1a6834c68844df9

SHA-1:

981b0d9aa568ab59ace265ab352eaec8b7ff7718

SHA-256:

cb52c86f77dae75a8a38bc45319f3600207a47ff71075fcd918b924f4dfd9f56

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

4/25/2024 10:55:27 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Optional.RadarSync.DriverUpdater.Installer.Meta (L)

16.2.9.8

File size:

92.2 KB (94,384 bytes)

Product version:

3.7.0.5

RadarSync

Original file name:

radarsync.exe

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

English (United States)

Common path:

C:\Program Files\radarsync\uninst.exe

Digital Signature

Signed by:

RadarSync

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

5/19/2010 7:00:00 PM

Valid to:

5/20/2011 6:59:59 PM

Subject:

CN=RadarSync, O=RadarSync, L=Highland Park, S=Illinois, C=US

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

382F2F14FD5F1B98676121F145541A

File PE Metadata

Compilation timestamp:

12/5/2009 4:50:52 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

1536:npgpHzb9dZVX9fHMvG0D3XJWDgU16MVAPiLMPBADN/A6VIka35BxLs2r1JDCXR0:pgXdZt9P6D3XJC7deaM5AU35Bh/r14G

Entry address:

0x30FA

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Entropy:

6.9053

Packer / compiler:

Nullsoft install system v2.x

Code size:

23.5 KB (24,064 bytes)

Program Uninstaller

Program name:

RadarSync PC Updater 2011

Display publisher:

RadarSync Ltd

Uninstall string:

C:\Program Files (x86)\RadarSync\uninst.exe

Remove uninst.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.