» uninstall.exe
Overview
Analysis
File Details
Behaviors (1)

uninstall.exe

360 Amigo System SpeedUp

Business Bakers

The application uninstall.exe by Business Bakers has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program 360 Amigo System Speedup Free by 360 Amigo System SpeedUp.

File name:

uninstall.exe

Publisher:

360Amigo (signed by Business Bakers)

Product:

360 Amigo System SpeedUp

Version:

1.2.0.9500

MD5:

5139ff0cda391bad79bc2b8276b586e8

SHA-1:

ebfcf2445e87233c46163873493aa2782aeadc0b

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 3:26:53 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Win32.Generic

15.12.26.11

File size:

3.2 MB (3,354,184 bytes)

Product version:

1.2

Trademarks:

360Amigo

Original file name:

Setup.exe

File type:

Executable application (Win32 EXE)

Language:

English

Common path:

C:\Program Files\360amigo\uninstall.exe

Digital Signature

Signed by:

Business Bakers

Authority:

VeriSign, Inc.

Valid from:

7/30/2010 1:00:00 AM

Valid to:

7/31/2011 12:59:59 AM

Subject:

CN=Business Bakers, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Business Bakers, L=Helsinki, S=Helsinki, C=FI

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

71346AFF5AC5D072DC31F7DC3A872308

File PE Metadata

Compilation timestamp:

6/19/1992 11:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:LpFsQ5yg5iuganJHadoSw8Vhi+mj4+PUAD:LpFs0EnoJHIVhi+D+cs

Entry address:

0x709001

Entry point:

60, E9, 3D, 04, 00, 00, 67, A3, 83, 7F, 7F, 6A, 7F, 3A, AF, B8, C3, 7F, 82, 5C, AA, 1C, 4F, BE, C3, 7F, 02, 3C, 7B, C8, C3, 7F, 7F, 08, 1C, 7B, C8, C3, 7F, 8E, 04, E5, 82, 7F, 7F, 46, 04, B2, B8, C3, 7F, 7F, 7F, 7F, 7F, 0C, 04, 83, C9, C3, 7F, CF, 7E, 14, 7F, CA, C3, 7F, 08, 04, 7F, C9, C3, 7F, 0A, 77, 0C, 1C, 90, C9, C3, 7F, D2, CF, 7E, 14, 7B, C9, C3, 7F, 08, 04, 7B, BE, C3, 7F, 0C, 1C, 9D, C9, C3, 7F, D2, D6, 7E, 14, 7B, C9, C3, 7F, 08, 04, 7F, BF, C3, 7F, 0C, 04, 34, B8, C3, 7F, 7E, 5F, 0B, 22, 89, 7F... 
[+]

Packer / compiler:

ASPack v2.11

Code size:

678 KB (694,272 bytes)

Program Uninstaller

Program name:

360 Amigo System Speedup Free

Display publisher:

360 Amigo System SpeedUp

Display version:

1.2.0.9500

Uninstall string:

C:\Program Files\360Amigo\Uninstall.exe /REMOVE

Remove uninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.