PCTopPrivacySetup.exe

PC Top Privacy

Sensei Ventures Inc

The application PCTopPrivacySetup.exe (file description: “This installer database contains the logic and data required to install PC Top Privacy.”) by Sensei Ventures Inc has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen being downloaded from toolkit.shieldapps.info.
Publisher:
Sensei Ventures Inc. (signed by Sensei Ventures Inc)

Product:
PC Top Privacy

Description:
This installer database contains the logic and data required to install PC Top Privacy.

Version:
2.6.9

MD5:
a2d3115c227a9590484827b3bd9d2a2f

SHA-1:
8139179edeaafa4e54499943046da10a494a75a8

SHA-256:
db31ce037648c3e410099f4a234db24414b1de35972fc27cc1a2e2a6f2d304c4

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/25/2024 11:24:56 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Sensei.RegClean.Optional.Installer.Meta (L)

Engine version:
15.8.26.16

File size:
4.3 MB (4,550,008 bytes)

Product version:
2.6.9

Copyright:
Copyright (C) 2015 Sensei Ventures Inc.

Original file name:
PCTopPrivacySetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\pctopprivacysetup.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
2/10/2014 7:00:00 PM

Valid to:
2/11/2016 6:59:59 PM

Subject:
CN=Sensei Ventures Inc, O=Sensei Ventures Inc, STREET=9550 S Eastern Ave, STREET=Suite 253, L=Las Vegas, S=NV, PostalCode=89123, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
2D04C632520848E228BD09B369D9DF38

File PE Metadata
Compilation timestamp:
10/7/2014 11:05:58 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:9G7cl1155MF19ns5F6JDDsIV9crXPvvXz3ESBHMVGjy:0uQA5F6Jf8fvvXLvBHMUm

Entry address:
0xC87EC

Entry point:
E8, 4A, CC, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, F0, 33, DB, 3B, F3, 75, 1E, E8, 5D, 4D, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, C5, D5, FF, FF, 83, C4, 14, 8B, C6, E9, C2, 00, 00, 00, 57, 39, 5D, 0C, 77, 1E, E8, 39, 4D, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, A1, D5, FF, FF, 83, C4, 14, 8B, C6, E9, 9D, 00, 00, 00, 33, C0, 39, 5D, 14, 66, 89, 06, 0F, 95, C0, 40, 39, 45, 0C, 77, 09, E8, 0A, 4D, 00, 00, 6A, 22, EB, CF, 8B, 45, 10, 83, C0, FE, 83, F8, 22, 77...
 

Entropy:
7.6385

Code size:
1021.5 KB (1,046,016 bytes)

The file PCTopPrivacySetup.exe has been seen being distributed by the following URL.
