home

uninst_boansite.exe

uninst_boansite

Akorea

The application uninst_boansite.exe by Akorea has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program boansite by AKorea.
Publisher:
Akorea  (signed and verified)

Product:
uninst_boansite

Description:
uninstaller

Version:
1, 0, 0, 1

MD5:
65b054156b301f3d5ed1141f708806db

SHA-1:
28822237372c10d04a9926082313c65ea6ff1dc8

SHA-256:
f0d8c4e7b2eb3635e2718397a5f14f9af84c1bb803471a3dfa6e22b79d1009d1

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/19/2024 9:38:01 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Akorea.Installer (M)
16.2.14.17

File size:
138 KB (141,328 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2013 AKorea All rights reserved.

Original file name:
uninst_boansite.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\boansite\uninst_boansite.exe

Digital Signature
Signed by:
Akorea

Authority:
Thawte, Inc.

Valid from:
6/28/2013 9:00:00 AM

Valid to:
7/29/2014 8:59:59 AM

Subject:
CN=Akorea, O=Akorea, L=Haeundae-gu, S=BUSAN, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
47808D51BD832E4E938DE40E8ABCFACB

File PE Metadata
Compilation timestamp:
9/2/2013 10:23:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:znDth6L2i0zpvUOjQb6NoqPu96fWV0xLyp9TF2gsmfe0GC:f9Rx5Noeu96f3cJvP

Entry address:
0xBD540

Entry point:
60, BE, 00, E0, 49, 00, 8D, BE, 00, 30, F6, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...
 
[+]

Entropy:
7.8563

Packer / compiler:
UPX 2.90LZMA

Code size:
128 KB (131,072 bytes)

Program Uninstaller
Program name:
boansite

Display publisher:
AKorea

Display version:
1.2

Uninstall string:
C:\Program Files\boansite\uninst_boansite.exe


Remove uninst_boansite.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.