home

squninstall.exe

载鸿贸易(上海)有限公司

Publisher:
载鸿贸易(上海)有限公司  (signed and verified)

MD5:
87d3eb75c8d6db909e88f2831c397874

SHA-1:
43a7cdd792eda01ed355ddfc48fd06eb05d56dfc

SHA-256:
caea85138d5b850a2ffb14d1a386d9552b1c730d07441c59ef84db01ad31296c

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
1/13/2025 4:18:07 PM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Troj.Dropper.W32.Agent
2.1.4+

File size:
1.2 MB (1,235,528 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\sq\1.0.2\squninstall.exe

Digital Signature
Signed by:
载鸿贸易(上海)有限公司

Authority:
WoSign CA Limited

Valid from:
12/3/2015 9:46:36 PM

Valid to:
12/3/2017 9:46:36 PM

Subject:
CN=载鸿贸易(上海)有限公司, O=载鸿贸易(上海)有限公司, L=上海市, S=上海市, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
2BDD19C54B3A82C664EBB50815E72D83

File PE Metadata
Compilation timestamp:
1/5/2016 6:25:16 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:MIgIdYFYGB1HmZqkDi6/rI1lx2oUMxXOLaLE7eI2O/4+MHE6iCnW+3Y9TpAPsS1K:gIdYFn17ei6/Ulxpl8TPMHkuCTpAPtdQ

Entry address:
0xA3CF6

Entry point:
E8, 53, 89, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 14, 56, 85, C0, 74, 41, 83, 7D, 08, 00, 75, 13, E8, 28, 30, 00, 00, 6A, 16, 5E, 89, 30, E8, 51, 8B, 00, 00, 8B, C6, EB, 2A, 83, 7D, 10, 00, 74, E7, 39, 45, 0C, 73, 0E, E8, 0A, 30, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, DE, 50, FF, 75, 10, FF, 75, 08, E8, 95, F9, FF, FF, 83, C4, 0C, 33, C0, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 8B, 45, 08, 56, 8B, F1, C6, 46, 0C, 00, 85, C0, 75, 63, E8, B1, 85, 00, 00, 89, 46, 08, 8B, 48, 6C, 89, 0E, 8B, 48, 68...
 
[+]

Entropy:
6.7381

Code size:
842.5 KB (862,720 bytes)

Scan squninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.