» uninstall.exe
Overview
Analysis
File Details
Behaviors (1)

uninstall.exe

360Amigo System SpeedUp

Business Bakers

The application uninstall.exe, “360Amigo System SpeedUp Installor” by Business Bakers has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program 360Amigo System Speedup Free by 360Amigo System SpeedUp.

File name:

uninstall.exe

Publisher:

360Amigo (signed by Business Bakers)

Product:

360Amigo System SpeedUp

Description:

360Amigo System SpeedUp Installor

Version:

1.2.1.7800

MD5:

1322be1f23c208b1588efbd93951f95b

SHA-1:

6b6899bd807fbe4b509af1bb3c3c8cad33e5de5b

SHA-256:

b906fbaa5a35e9e973e5871b06d099be2e4888e9711ee3fe96a3e922ae0fc69f

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 1:43:14 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Win32.Generic

16.7.31.15

File size:

3.4 MB (3,610,400 bytes)

Product version:

1.2.1

Trademarks:

360Amigo

Original file name:

Setup.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\360amigo\uninstall.exe

Digital Signature

Signed by:

Business Bakers

Authority:

VeriSign, Inc.

Valid from:

8/17/2011 8:00:00 AM

Valid to:

8/17/2012 7:59:59 AM

Subject:

CN=Business Bakers, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Business Bakers, L=Helsinki, S=Helsinki, C=FI

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

08FFDE64490119842E1D0271FB0FE97A

File PE Metadata

Compilation timestamp:

6/20/1992 6:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:d8hdh1jk4Un6jL8gyD9bGFBKudHKxIik+Ha:d8HhK4UnkXypibKuJ0Iik+Ha

Entry address:

0xA8E001

Entry point:

60, E9, 3D, 04, 00, 00, 17, 53, 33, 2F, 2F, 1A, 2F, EA, 5F, 68, 73, 2F, 32, 0C, 5A, CC, FF, 6E, 73, 2F, B2, EC, 2B, 78, 73, 2F, 2F, B8, CC, 2B, 78, 73, 2F, 3E, B4, 95, 32, 2F, 2F, F6, B4, 62, 68, 73, 2F, 2F, 2F, 2F, 2F, BC, B4, 33, 79, 73, 2F, 7F, 2E, C4, 2F, 7A, 73, 2F, B8, B4, 2F, 79, 73, 2F, BA, 27, BC, CC, 40, 79, 73, 2F, 82, 7F, 2E, C4, 2B, 79, 73, 2F, B8, B4, 2B, 6E, 73, 2F, BC, CC, 4D, 79, 73, 2F, 82, 86, 2E, C4, 2B, 79, 73, 2F, B8, B4, 2F, 6F, 73, 2F, BC, B4, E4, 68, 73, 2F, 2E, 0F, 1B, 51, 42, 2F... 
[+]

Entropy:

7.9986

Packer / compiler:

ASPack v2.11

Code size:

1.2 MB (1,251,840 bytes)

Program Uninstaller

Program name:

360Amigo System Speedup Free

Display publisher:

360Amigo System SpeedUp

Display version:

1.2.1.7800

Uninstall string:

C:\Program files\360Amigo\Uninstall.exe /REMOVE

Remove uninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.