» uninstall.exe
Overview
Analysis
File Details
Behaviors (1)
Downloads (1)

uninstall.exe

360 Amigo System SpeedUp

Business Bakers

The application uninstall.exe by Business Bakers has been detected as a potentially unwanted program by 3 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program 360 Amigo System Speedup Free by 360 Amigo System SpeedUp. The file has been seen being downloaded from downloads.zoznam.sk.

File name:

uninstall.exe

Publisher:

360Amigo (signed by Business Bakers)

Product:

360 Amigo System SpeedUp

Version:

1.2.1.5300

MD5:

e5b8057dddc73c308908bafe18c56f43

SHA-1:

91eb93ca41abd165b14ff17b4e392aa1ff83b8d0

SHA-256:

b4d0633290e41df2f049a02313e290b165c941937c2f86c1de5b8548473c51c1

Scanner detections:

3 / 68

Status:

Potentially unwanted

Analysis date:

4/16/2024 8:47:23 PM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Trojan.Win32.360Amigo

4.0.3.14727

ESET NOD32

Win32/360Amigo (variant)

8.8959

Reason Heuristics

PUP.Optional.Installer.J

14.7.27.1

File size:

3.1 MB (3,210,312 bytes)

Product version:

1.2

Trademarks:

360Amigo

Original file name:

Setup.exe

File type:

Executable application (Win32 EXE)

Language:

Anglictina (Spojené královstvo)

Common path:

C:\Program Files\360amigo\uninstall.exe

Digital Signature

Signed by:

Business Bakers

Authority:

VeriSign, Inc.

Valid from:

7/30/2010 2:00:00 AM

Valid to:

7/31/2011 1:59:59 AM

Subject:

CN=Business Bakers, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Business Bakers, L=Helsinki, S=Helsinki, C=FI

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

71346AFF5AC5D072DC31F7DC3A872308

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:6QKR5UEJc3StezxGXIW4Chte+lLbGVLgVx6tQ:nvEJxtPlLSZ/Q

Entry address:

0x8CA001

Entry point:

60, E9, 3D, 04, 00, 00, E9, 25, 05, 01, 01, EC, 01, BC, 31, 3A, 45, 01, 04, DE, 2C, 9E, D1, 40, 45, 01, 84, BE, FD, 4A, 45, 01, 01, 8A, 9E, FD, 4A, 45, 01, 10, 86, 67, 04, 01, 01, C8, 86, 34, 3A, 45, 01, 01, 01, 01, 01, 8E, 86, 05, 4B, 45, 01, 51, 00, 96, 01, 4C, 45, 01, 8A, 86, 01, 4B, 45, 01, 8C, F9, 8E, 9E, 12, 4B, 45, 01, 54, 51, 00, 96, FD, 4B, 45, 01, 8A, 86, FD, 40, 45, 01, 8E, 9E, 1F, 4B, 45, 01, 54, 58, 00, 96, FD, 4B, 45, 01, 8A, 86, 01, 41, 45, 01, 8E, 86, B6, 3A, 45, 01, 00, E1, DD, 20, 19, 01... 
[+]

Packer / compiler:

ASProtect v1.1

Code size:

1.5 MB (1,577,984 bytes)

Program Uninstaller

Program name:

360 Amigo System Speedup Free

Display publisher:

360 Amigo System SpeedUp

Display version:

1.2.1.5300

Uninstall string:

C:\Program files\360Amigo\Uninstall.exe /REMOVE

The file uninstall.exe has been seen being distributed by the following URL.

http://downloads.zoznam.sk/.../360amigo-system-speedup-87?did=8856

Remove uninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.