» uninstall.exe
Overview
Analysis
File Details
Behaviors (1)

uninstall.exe

Softacular

The executable uninstall.exe has been detected as malware by 1 anti-virus scanner. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program RocketTab by RocketTab.

File name:

uninstall.exe

Publisher:

Softacular (signed and verified)

Version:

1.0.5409.17696

MD5:

0ef97be4c72455ddd1110c5a76555f69

SHA-1:

37bc46f2360983c16f4b0657ad67e3d4adb60a8b

SHA-256:

aa132aa8bceb96a1cef9da4d3622812dc42c48f594340d70b88fab303bc45d95

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

5/19/2024 10:32:45 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

17.1.4.8

File size:

4.2 MB (4,403,936 bytes)

Product version:

1.0.5409.17696

Original file name:

Installer.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\search extensions\uninstall.exe

Digital Signature

Signed by:

Softacular

Authority:

COMODO CA Limited

Valid from:

3/24/2014 12:00:00 AM

Valid to:

3/24/2015 11:59:59 PM

Subject:

CN=Softacular, O=Softacular, STREET="4600 Madison Ave, 10th FL", L=Kansas City, S=Missouri, PostalCode=64112, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

753A79B32D5A96BF1872FDE1AC60DEEA

File PE Metadata

Compilation timestamp:

10/23/2014 11:50:05 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

Entry address:

0x429048

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.7421

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

4.2 MB (4,354,560 bytes)

Program Uninstaller

Program name:

RocketTab

Display publisher:

RocketTab

Uninstall string:

"C:\Program Files (x86)\Search Extensions\uninstall.exe" /u=true /UserID=6225ea60-f6d7-4d87-a432-33f27878e740 /SourceID=google_search /ImplementationID=browsersafeguard-rockettab-hpc-gs-nt-nf /UC=2014

Remove uninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.