» uninstall.exe
Overview
Analysis
File Details
Behaviors (1)

uninstall.exe

Totoro Creative

The application uninstall.exe by Totoro Creative has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program Radio Canyon by Radio Canyon.

File name:

uninstall.exe

Publisher:

Totoro Creative (signed and verified)

MD5:

2eb177bd4f2b5bc8183fee4f45868e78

SHA-1:

ee8ae68c39dbebbaaec10f2e8a32880f3169ffea

SHA-256:

18643f146bd7047019a472afbd90dd7d402688182a96b46d772c9f3c3f538d32

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

4/26/2024 3:06:08 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

16.10.14.8

File size:

101.3 KB (103,760 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\radio canyon\uninstall.exe

Digital Signature

Signed by:

Totoro Creative

Authority:

COMODO CA Limited

Valid from:

7/28/2014 1:00:00 AM

Valid to:

7/29/2015 12:59:59 AM

Subject:

CN=Totoro Creative, O=Totoro Creative, STREET=Athinodorou 3, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

086B76848B7AA4160D63421E5235EE6A

File PE Metadata

Compilation timestamp:

9/1/2014 11:04:38 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

1536:CToNhhp14W1kiavfWTrt0VcTRpclOoSE4gsWjcdIOimeJ:4IH/mnK9o+JPIOimu

Entry address:

0x5265

Entry point:

E8, 38, 66, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, C8, 6E, 41, 00, E8, 25, 0A, 00, 00, E8, CB, 32, 00, 00, 0F, B7, F0, 6A, 02, E8, CB, 65, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, AC, 5F, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Code size:

66.5 KB (68,096 bytes)

Program Uninstaller

Program name:

Radio Canyon

Display publisher:

Radio Canyon

Display version:

1.34.8.12

Uninstall string:

C:\Program Files (x86)\Radio Canyon\Uninstall.exe /fcp=1

Remove uninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.