» uninstaller.exe
Overview
Analysis
File Details

uninstaller.exe

Advanced Uninstaller

Innovative Solutions GRUP SRL

The executable uninstaller.exe has been detected as malware by 23 anti-virus scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source.

File name:

uninstaller.exe

Publisher:

Innovative Solutions GRUP SRL

Product:

Advanced Uninstaller

Version:

10.0.0.199

MD5:

096dd5b49abdf09d7ec52e59183dd87f

SHA-1:

1a0ffbec28ed9319bd52fdcc2ace05f487881a0c

SHA-256:

15f52353f020788cf26272c7f1c5a594bc1de7bcc0c7a2994ea1c38d4e4cf265

Scanner detections:

23 / 68

Status:

Malware

Analysis date:

5/10/2024 4:58:55 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Backdoor.Generic.344575

887

Agnitum Outpost

Trojan.PWS.LdPinch

7.1.1

Avira AntiVirus

TR/PSW.LdPinch.amtd

7.11.159.226

avast!

Win32:Malware-gen

2014.9-140901

AVG

PSW.Ldpinch

2015.0.3365

Baidu Antivirus

Trojan.Win32.Polipos

4.0.3.1491

Bitdefender

Backdoor.Generic.344575

1.0.20.1220

Bkav FE

W32.Clod1b9.Trojan

1.3.0.4959

Emsisoft Anti-Malware

Backdoor.Generic.344575

8.14.09.01.04

Fortinet FortiGate

W32/LdPinch.AMTD!tr.pws

9/1/2014

F-Prot

W32/MalwareF.ODYK

v6.4.7.1.166

F-Secure

Backdoor.Generic.344575

11.2014-01-09_2

G Data

Backdoor.Generic.344575

14.9.24

IKARUS anti.virus

Trojan-PWS.LDPinch

t3scan.1.6.1.0

McAfee

Artemis!096DD5B49ABD

5600.7021

MicroWorld eScan

Backdoor.Generic.344575

15.0.0.732

Norman

Suspicious_Gen2.DSASQ

11.20140901

nProtect

Backdoor.Generic.344575

14.07.09.03

Panda Antivirus

Trj/CI.A

14.09.01.04

Qihoo 360 Security

Win32/Trojan.PSW.9ca

1.0.0.1015

Rising Antivirus

PE:Virus.Polipos!1.9BC6

23.00.65.14830

VIPRE Antivirus

Realtime-Spy

31148

Zillya! Antivirus

Trojan.LdPinch.Win32.11788

2.0.0.1853

File size:

3.5 MB (3,688,960 bytes)

Product version:

Innovative Solutions GRUP SRL

Trademarks:

Innovative Solutions GRUP SRL

Original file name:

uninstaller.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\innovative solutions\advanced uninstaller pro\uninstaller.exe

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:SXoqUHE9M7nTF116tc/SxOSDLpQoAqsKFku90PISon5Wss2gVasm4u9+jtwgQ0Z7:SY+M7nTPcHAumZogCZ4uIjtwgDwiS8

Entry address:

0x1000

Entry point:

B8, 94, 64, 16, 01, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 13, 5F, AC, 93, F6, DA, 0E, 4A, 3E, 62, 1D, 64, 84, 49, A8, 0C, 99, B2, F5, 69, 35, D4, 52, AF, E7, 82, B9, EB, DF, CC, A0, 22, 6A, 2B, BE, 51, 1A, 99, 65, 5D, 3C, 2E, 0E, EC, F0, 0D, F1, D0, 45, 2F, 5F, 4B, D5, E4, F9, 14, 89, FC, E6, AB, 07, 93, BD, 92, CD, 44, 5F, 78, 78, A2, 0B, DF, 42, 3C, 85, 4C, 15, A4, B2, A9, 04, CD, 7B, 06, DC, 81, C9, 32, F6, 1C, 06, FD, 5A... 
[+]

Entropy:

7.9928

Packer / compiler:

PECompact v2

Code size:

16 KB (16,384 bytes)

Remove uninstaller.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.