unins000.exe

Chris P.C. srl

The executable unins000.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
Chris P.C. srl  (signed and verified)

Description:
Setup/Uninstall

Version:
51.52.0.0

MD5:
888e21cc4606191916573591c5a1de3c

SHA-1:
1d497ed7d17d2496d226c753f706b59cfa94e62a

SHA-256:
731814c3c7f04f96f64254ecaa07a99f50f048958ae06aa6ed792aff14dec6ad

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/27/2024 2:47:14 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.11.21.9

File size:
700.5 KB (717,320 bytes)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\chrispc videotube downloader pro\unins000.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
1/8/2013 7:00:00 AM

Valid to:
1/9/2016 6:59:59 AM

Subject:
CN=Chris P.C. srl, O=Chris P.C. srl, STREET=Nicolae Cristea 25/8, L=Cluj-Napoca, S=Cluj, PostalCode=400184, C=RO

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
319A47CF0068FDF122C7AC1163A961B8

File PE Metadata
Compilation timestamp:
6/20/1992 5:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:zuA/ac4cUrPN37qzHxA6bA7xfmL+weNERfJbkrNZcRgJmuxTfDkNQXExyci:zN/ac4cUrPN37qzHxA6odmL+tNE70tms

Entry address:
0x96BF0

Entry point:
55, 8B, EC, 83, C4, F4, 53, 56, 57, E8, 46, C7, F6, FF, E8, 9D, EA, F6, FF, E8, AC, 2C, F7, FF, E8, DB, 2E, F7, FF, E8, B2, 9C, F7, FF, E8, 25, 9D, F7, FF, E8, 7C, BC, F7, FF, E8, 8F, 23, F8, FF, E8, 8A, E2, F8, FF, E8, A9, 86, F9, FF, E8, 90, 99, F9, FF, E8, BB, 80, FB, FF, E8, 9A, 84, FB, FF, E8, 8D, 9E, FB, FF, E8, 80, B8, FB, FF, E8, 23, F0, FB, FF, E8, 26, FF, FB, FF, E8, 8D, 17, FC, FF, E8, 98, CA, FC, FF, E8, 9F, 4B, FD, FF, E8, 36, 04, FE, FF, E8, BD, AF, FE, FF, E8, 28, CF, FF, FF, 33, C0, 55, 68...
 
[+]

Entropy:
6.4986

Developed / compiled with:
Microsoft Visual C++

Code size:
600 KB (614,400 bytes)

Remove unins000.exe - Powered by Reason Core Security