» uninstall.exe
Overview
Analysis
File Details
Behaviors (1)

uninstall.exe

360 Amigo System SpeedUp

Business Bakers

The application uninstall.exe by Business Bakers has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program 360 Amigo System Speedup Free by 360 Amigo System SpeedUp.

File name:

uninstall.exe

Publisher:

360Amigo (signed by Business Bakers)

Product:

360 Amigo System SpeedUp

Version:

1.2.0.3673

MD5:

8a1b665628fe5340fe7632bee15fca1b

SHA-1:

3648cd1b889112ed98f9470b3b8ea9fd19d5112c

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

5/10/2024 5:20:45 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Win32.Generic

16.2.8.19

File size:

2.7 MB (2,801,224 bytes)

Product version:

1.2

Trademarks:

360Amigo

Original file name:

AmigoSetup.exe

File type:

Executable application (Win32 EXE)

Language:

English (United Kingdom)

Common path:

C:\Program Files\360amigo\uninstall.exe

Digital Signature

Signed by:

Business Bakers

Authority:

VeriSign, Inc.

Valid from:

7/30/2010 7:00:00 AM

Valid to:

7/31/2011 6:59:59 AM

Subject:

CN=Business Bakers, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Business Bakers, L=Helsinki, S=Helsinki, C=FI

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

71346AFF5AC5D072DC31F7DC3A872308

File PE Metadata

Compilation timestamp:

6/20/1992 5:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:0MCNbOGBgFTX+cufRMxAZYRVhtmhFk2Z2aG7EacGPoq5tdLU3rSFTaVrpK2NhVVT:ybORTX+cuMAZehtmhduEaBwCdLUeGKQh

Entry address:

0x5C1001

Entry point:

60, E9, 3D, 04, 00, 00, E7, 23, 03, FF, FF, EA, FF, BA, 2F, 38, 43, FF, 02, DC, 2A, 9C, CF, 3E, 43, FF, 82, BC, FB, 48, 43, FF, FF, 88, 9C, FB, 48, 43, FF, 0E, 84, 65, 02, FF, FF, C6, 84, 32, 38, 43, FF, FF, FF, FF, FF, 8C, 84, 03, 49, 43, FF, 4F, FE, 94, FF, 4A, 43, FF, 88, 84, FF, 49, 43, FF, 8A, F7, 8C, 9C, 10, 49, 43, FF, 52, 4F, FE, 94, FB, 49, 43, FF, 88, 84, FB, 3E, 43, FF, 8C, 9C, 1D, 49, 43, FF, 52, 56, FE, 94, FB, 49, 43, FF, 88, 84, FF, 3F, 43, FF, 8C, 84, B4, 38, 43, FF, FE, DF, EF, D3, 08, FF... 
[+]

Entropy:

7.9974

Packer / compiler:

ASPack v2.11

Code size:

626 KB (641,024 bytes)

Program Uninstaller

Program name:

360 Amigo System Speedup Free

Display publisher:

360 Amigo System SpeedUp

Display version:

1.2.0.3673

Uninstall string:

C:\Program Files\360Amigo\Uninstall.exe /REMOVE

Remove uninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.