uninstaller.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is the uninstaller utility registered in the Windows Control Panel for the program PC Data App.
Reason Core Security
MD5:
f2774b31a3688de99354a963c10571db

SHA-1:
d2d242c66b1b043dc369fa290dbca45a4db8d18c

SHA-256:
6f6988d23ee69318dbaaf4aa4e3d40810429a7cd454cbe44d10421856675dd6b

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
6/19/2015 2:21:12 AM UTC  (one month ago)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.PCDataApp.Installer.Meta (M)
15.6.18.22

Reason Core Security
File size:
85.8 KB (87,910 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\Program Files\pcdapp\uninstaller.exe

File PE Metadata
Compilation timestamp:
12/6/2009 12:50:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:kpgpHzb9dZVX9fHMvG0D3XJbEef2ielVGr+8LqFXoDXaLEYdVN25+QB:SgXdZt9P6D3XJdOieqruV4sNzQB

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
7.6087

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

Program Uninstaller
Program name:
PC Data App

Uninstall string:
"C:\Program Files\PCDApp\uninstaller.exe"


The file uninstaller.exe has been discovered within the following program.

PC Data App  by Adware.BitCoinMiner
The software is a Trojan Bitcoin miner that utilizes the open source CGMiner utility. The Trojan Bitcoin miner is an invasive multiple component malware infection. This is a potentially unwanted program that installs malware on the user's PC using the file start.
79% remove it
 
Powered by Should I Remove It?

Reason Core Security