home

Little Registry Cleaner.exe

Little Registry Cleaner

Nicholas Hamnett

The application Little Registry Cleaner.exe by Nicholas Hamnett has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Little Apps  (signed by Nicholas Hamnett)

Product:
Little Registry Cleaner

Version:
1.6.0

MD5:
7e5045d18483a5afd87b3053659540b0

SHA-1:
b6e67aa2f44e0809f594d3728bfbc5d91f5cbe21

SHA-256:
43b18c1c663357e2c781926068672e2de13fe4986f61813e3c0922f365ab6777

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 3:05:47 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.NicholasHamnett.X
14.10.1.11

File size:
1.7 MB (1,802,128 bytes)

Product version:
1.6.0

Copyright:
Copyright © Little Apps 2008

Original file name:
Little Registry Cleaner.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\little registry cleaner\little registry cleaner.exe

Digital Signature
Signed by:
Nicholas Hamnett

Authority:
StartCom Ltd.

Valid from:
4/23/2012 9:41:05 PM

Valid to:
4/25/2014 10:51:05 PM

Subject:
E=nick@little-apps.org, CN=Nicholas Hamnett, L=Calgary, S=Alberta, C=CA, Description=1SALusP98pZrQP0b

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
05F0

File PE Metadata
Compilation timestamp:
8/19/2013 1:42:03 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:BZv6mJ5ggq3mJ5ggOaBapsmJ5ggpOf4GX1aRuprFIq03apShiF5AcmJ5ggE:jv6C2Z3C2daBa+C2fgGF9XphecC2X

Entry address:
0x17023E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.2343

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.4 MB (1,500,160 bytes)

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to a95-101-72-217.deploy.akamaitechnologies.com  (95.101.72.217:80)

Remove Little Registry Cleaner.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.