» browsecamouninstall.exe
Overview
Analysis
File Details
Behaviors (1)

browsecamouninstall.exe

Target Practice

The application browsecamouninstall.exe by Target Practice has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is the uninstaller utility registered in the Windows Control Panel for the program Browse Camo by Browse Camo.

File name:

Publisher:

Target Practice (signed and verified)

MD5:

662020012d6d8d57b3904c5415cb3546

SHA-1:

909c5d96913214e722d0cd8066fb78f3e679d844

SHA-256:

7210d6911f5bda188199a151b0df3f274dfbfa2df41d783da4410db1dceb5050

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/27/2024 4:34:25 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Yontoo (M)

17.3.13.1

File size:

243.3 KB (249,096 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\Program Files\browse camo\browsecamouninstall.exe

Digital Signature

Signed by:

Target Practice

Authority:

VeriSign, Inc.

Valid from:

9/2/2015 7:00:00 AM

Valid to:

9/2/2016 6:59:59 AM

Subject:

CN=Target Practice, O=Target Practice, L=San Diego, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

7FEE09C788DC975DA366D390F75BAD4D

File PE Metadata

Compilation timestamp:

12/6/2009 5:52:01 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

Entry address:

0x30CB

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 6F, 44, 00, E8, F1, 2B, 00, 00, A3, 84, 6E, 44, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, 9C, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 2E, 44, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, F0, 46, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Packer / compiler:

Nullsoft install system v2.x

Code size:

22.5 KB (23,040 bytes)

Program Uninstaller

Program name:

Browse Camo

Display publisher:

Browse Camo

Display version:

2016.02.12.001550

Uninstall string:

C:\Program Files (x86)\Browse Camo\BrowseCamouninstall.exe

Remove browsecamouninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.