» uninstall.exe
Overview
Analysis
File Details
Behaviors (1)

uninstall.exe

Razoss Bar

Razoss Ltd

The application uninstall.exe by Razoss has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is the uninstaller utility registered in the Windows Control Panel for the program Razoss Bar by Razoss Ltd..

File name:

uninstall.exe

Publisher:

Razoss Ltd. (signed by Razoss Ltd)

Product:

Razoss Bar

Description:

Razoss Installer

Version:

0.1.0.410

MD5:

f53e962328bafdfb1bc1e58e16e3a07f

SHA-1:

f21d75a850503e1cd93573784c707453e3a33e90

SHA-256:

ff3e7193ecdc16977a97945f6183ee6eb3837d03618914bee1d3d7d1a0569ede

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 11:41:23 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Reason Heuristics

Win32.Generic

16.12.10.7

File size:

400.9 KB (410,520 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\razoss\application\uninstall.exe

Digital Signature

Signed by:

Razoss Ltd

Authority:

COMODO CA Limited

Valid from:

3/25/2012 8:00:00 PM

Valid to:

3/26/2013 7:59:59 PM

Subject:

CN=Razoss Ltd, O=Razoss Ltd, STREET=8 Mordechai Meiri, L=Tel Aviv-Jaffa, S=Israel, PostalCode=69641, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

2162C3C0B9F18CE892885F9A36086534

File PE Metadata

Compilation timestamp:

12/5/2009 5:50:46 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

Entry address:

0x323C

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00... 
[+]

Entropy:

7.9563

Packer / compiler:

Nullsoft install system v2.x

Code size:

23 KB (23,552 bytes)

Program Uninstaller

Program name:

Razoss Bar

Display publisher:

Razoss Ltd.

Display version:

0.1.0.410

Uninstall string:

"C:\users\{user}\appdata\local\razoss\application\uninstall.exe"

Remove uninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.