» uninstall.exe
Overview
Analysis
File Details
Behaviors (1)

uninstall.exe

Shan Feng

The application uninstall.exe by Shan Feng has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program Chromium by Chromium Authors.

File name:

uninstall.exe

Publisher:

Shan Feng (signed and verified)

MD5:

7cdb701c323a699d4ef9698441790d3f

SHA-1:

b2f4b08ab777c2b4a0d401ae2803d30fc7f1fae2

SHA-256:

65cdce9a2243dcde55f88022565922fb0a69a89299b3a95116aa1c29d58aba3c

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

7/4/2025 8:29:54 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Elex (M)

16.8.2.5

File size:

304.4 KB (311,680 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\chromium\application\uninstall.exe

Digital Signature

Signed by:

Shan Feng

Authority:

thawte, Inc.

Valid from:

7/31/2016 9:00:00 PM

Valid to:

2/3/2017 9:59:59 PM

Subject:

CN=Shan Feng, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:

CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:

4BFB4DF38F614EB4693F0E34CE19A156

File PE Metadata

Compilation timestamp:

8/1/2016 4:27:23 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

14.0

CTPH (ssdeep):

6144:aqShJIDA8DvOYkdvDnvHAOePiDQXj+2Fo:ah8KY2vHEk2Fo

Entry address:

0x102BD

Entry point:

E8, 99, 07, 00, 00, E9, 80, FE, FF, FF, FF, 25, 8C, D2, 42, 00, 8B, 4D, F4, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, F2, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 70, F0, 43, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, F2, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 70, F0, 43, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45... 
[+]

Code size:

175 KB (179,200 bytes)

Program Uninstaller

Program name:

Chromium

Display publisher:

Chromium Authors

Display version:

51.0.2704.68

Uninstall string:

C:\Program Files\Chromium\Application\uninstall.exe

Remove uninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.