ProPCCleanerSetup.exe

Pro PC Cleaner

Rainmaker Software Group LLC

The file ProPCCleanerSetup.exe, “This installer database contains the logic and data required to install Pro PC Cleaner.” by Rainmaker Software Group has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Rainmaker Software Group LLC.​  (signed by Rainmaker Software Group LLC)

Product:
Pro PC Cleaner

Description:
This installer database contains the logic and data required to install Pro PC Cleaner.

Version:
2.5.6

MD5:
2f32c986ee8ba31657f09c4435234ea4

SHA-1:
9eebaf4d95d9f3d9085b58734e6a92efe10daee6

SHA-256:
f527ce16d2a870db9802fa2bd3117b833d1ede5651193ffd5e5a4f145539ad4a

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 3:19:15 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Rainmaker.Installer.Meta (L)
16.6.13.20

File size:
6.3 MB (6,604,008 bytes)

Product version:
2.5.6

Copyright:
Copyright (C) 2014 Rainmaker Software Group LLC.​

Original file name:
ProPCCleanerSetup.exe

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\propccleaner.exe.tmp

Digital Signature
Authority:
Symantec Corporation

Valid from:
11/11/2014 7:00:00 PM

Valid to:
11/12/2015 6:59:59 PM

Subject:
CN=Rainmaker Software Group LLC, O=Rainmaker Software Group LLC, L=Wilmington, S=Delaware, C=US, SERIALNUMBER=5411289, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
71B3EF9E363C3440B74AB0B78DC2553E

File PE Metadata
Compilation timestamp:
10/7/2014 11:05:58 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:VuQ65LPbjGJ4+Px40DNORLqSU9mnWroMi3kmE:c5LGu+PxXRO4pmnBMi0p

Entry address:
0xC87EC

Entry point:
E8, 4A, CC, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, F0, 33, DB, 3B, F3, 75, 1E, E8, 5D, 4D, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, C5, D5, FF, FF, 83, C4, 14, 8B, C6, E9, C2, 00, 00, 00, 57, 39, 5D, 0C, 77, 1E, E8, 39, 4D, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, A1, D5, FF, FF, 83, C4, 14, 8B, C6, E9, 9D, 00, 00, 00, 33, C0, 39, 5D, 14, 66, 89, 06, 0F, 95, C0, 40, 39, 45, 0C, 77, 09, E8, 0A, 4D, 00, 00, 6A, 22, EB, CF, 8B, 45, 10, 83, C0, FE, 83, F8, 22, 77...
 
[+]

Entropy:
7.7854  (probably packed)

Code size:
1021.5 KB (1,046,016 bytes)

Remove ProPCCleanerSetup.exe - Powered by Reason Core Security