uninstall.exe

Forden Limited

The application uninstall.exe by Forden Limited has been detected as a potentially unwanted program by 2 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is the uninstaller utility registered in the Windows Control Panel for the program Smart Menu by Smart Menu.
Publisher:
Forden Limited  (signed and verified)

MD5:
428d5b781dbb9da74bf3d0c755680c8e

SHA-1:
2d7106e12072e310bc820df3390fe84d5ac57d8b

SHA-256:
6fd6b7ae376bf5c2e811b84478e616c655206d21ddcd3d42eaba9c0206a9c219

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
11/15/2024 10:57:05 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.Agent
7.1.1

Reason Heuristics
PUP.Optional.FordenLimited.J
14.11.20.9

File size:
281.7 KB (288,480 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\Program Files\smart menu\uninstall.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
9/29/2013 5:00:00 PM

Valid to:
9/30/2015 4:59:59 PM

Subject:
CN=Forden Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Forden Limited, L=Hong Kong, S=Hong Kong, C=HK

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6461487D97F357A58308D95A226D26EC

File PE Metadata
Compilation timestamp:
2/24/2012 11:20:04 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:C5BuYAVrgUCPnSceADuqmGToLdbg9sNv+AV95JjZNEo3HoVw3lKdoH2VeN:C50gUCqmDOGToJbg96vn5qwVj2UN

Entry address:
0x38AF

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, 68, A2, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 90, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 90, 40, 00, 55, FF, 15, C0, 92, 40, 00, 6A, 08, A3, 98, EB, 47, 00, E8, 36, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, EA, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 64, A2, 40, 00, FF, 15, 84, 91, 40, 00, 68, 4C, A2, 40, 00, 68, A0, 6A, 47, 00, E8, 18, 27, 00, 00, FF, 15, B0, 90, 40, 00, 50, BF, A0, F0, 4C, 00, 57, E8, 06, 27, 00, 00...
 
[+]

Entropy:
5.1319

Packer / compiler:
Nullsoft install system v2.x

Code size:
29 KB (29,696 bytes)

Program Uninstaller
Program name:
Smart Menu

Display publisher:
Smart Menu

Display version:
4.3

Uninstall string:
"C:\Program Files\Smart Menu\Uninstall.exe"


Remove uninstall.exe - Powered by Reason Core Security