home

unins000.exe

Ye Yizhou

The application unins000.exe by Ye Yizhou has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Ye Yizhou  (signed and verified)

Description:
Setup/Uninstall

Version:
51.52.0.0

MD5:
30e7263ae405f8718311b2d3a0f8bd95

SHA-1:
81169e1eab74b9ee5463cbec16ab60d249d66016

SHA-256:
58487c5a0f0decc61ce563649afd21cc2c71d79ce39d0d2ec3da062917253849

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 4:46:29 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Bundler (M)
16.9.6.0

File size:
886.1 KB (907,320 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\mp3剪切合并大师\unins000.exe

Digital Signature
Signed by:
Ye Yizhou

Authority:
WoSign CA Limited

Valid from:
9/7/2015 11:00:33 AM

Valid to:
9/7/2016 11:00:33 AM

Subject:
CN=Ye Yizhou, L=Longyou, S=Zhejiang, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA G2, O=WoSign CA Limited, C=CN

Serial number:
304E7576E2082A9B6E87C0FFCC4B397C

File PE Metadata
Compilation timestamp:
6/20/1992 6:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:2E03mCLvfrPW373zHlA69Jpm8E7n9uZXGBxXmXExGsh:H03brPW373zHlA6tK9uZXUbx

Entry address:
0xC3C00

Entry point:
55, 8B, EC, 83, C4, F4, 53, 56, 57, E8, FE, F7, F3, FF, E8, 55, 1B, F4, FF, E8, B8, 64, F4, FF, E8, 9F, 6C, F4, FF, E8, 52, E9, F4, FF, E8, 65, F6, F4, FF, E8, 2C, 9D, F5, FF, E8, E3, 9D, F5, FF, E8, CA, D5, F5, FF, E8, 45, 7C, F8, FF, E8, 18, E4, F8, FF, E8, 1B, 53, F9, FF, E8, FA, 56, F9, FF, E8, 59, 5F, F9, FF, E8, 34, 73, F9, FF, E8, 27, 8D, F9, FF, E8, CA, C4, F9, FF, E8, CD, D3, F9, FF, E8, 34, EC, F9, FF, E8, DB, 70, FA, FF, E8, 5E, A1, FA, FF, E8, 45, 23, FB, FF, E8, C8, DE, FB, FF, E8, 7B, 67, FC...
 
[+]

Entropy:
6.4753

Developed / compiled with:
Microsoft Visual C++

Code size:
780 KB (798,720 bytes)

Remove unins000.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.