bch_plus.exe

PC Backup Software Limited

The application bch_plus.exe by PC Backup Software Limited has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Nullsoft Scriptable Install System installer.
Publisher:
PC Backup Software Limited  (signed and verified)

MD5:
6fddd3641f83cbdc0acb0807986e50d9

SHA-1:
76d03c02f057930f45af1b90a18d68416d310697

SHA-256:
a3d618b1d8162909d4c20bb3b4d74a401075802b419ac0d15f130b2d628bfa3c

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/24/2024 1:50:10 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic
17.1.30.22

File size:
72.1 KB (73,880 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Scriptable Install System

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\bch_plus.exe

Digital Signature
Authority:
DigiCert Inc

Valid from:
7/7/2014 9:00:00 PM

Valid to:
7/12/2016 9:00:00 AM

Subject:
CN=PC Backup Software Limited, O=PC Backup Software Limited, L=Whiteley, S=Hanmpshire, C=GB

Issuer:
CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
05695BB515DA4B74B5B9C54CEBC782E0

File PE Metadata
Compilation timestamp:
12/5/2009 8:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x30FA

Entry point:
00, 00, 00, 00, 00, 00, 17, 01, 70, 00, 6B, 00, 67, 00, 31, 00, 35, 00, 30, 00, 31, 00, 30, 00, 31, 00, 30, 00, 31, 00, 30, 00, 30, 00, 30, 00, 30, 00, 30, 00, 30, 00, 37, 00, 65, 00, 2E, 00, 62, 00, 69, 00, 6E, 00, 00, 00, 00, 00, 00, 00, 00, 00, 10, 00, 00, 00, 02, 00, 00, 00, 29, C3, 00, 00, 00, 00, 21, 00, 35, 0E, 0D, 80, 7D, 27, D0, 01, 35, 0E, 0D, 80, 7D, 27, D0, 01, 35, 0E, 0D, 80, 7D, 27, D0, 01, 35, 0E, 0D, 80, 7D, 27, D0, 01, 18, 01, 00, 00, 00, 00, 00, 00, 12, 01, 00, 00, 00, 00, 00, 00, 20, 00...
 
[+]

Code size:
23.5 KB (24,064 bytes)

Remove bch_plus.exe - Powered by Reason Core Security