uninstall.exe

Installer

Ignore Idea Inc. LLC

The application uninstall.exe by Ignore Idea has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program SimpleFiles by https://www.www.simples-files.com. While running, it connects to the Internet address www.ibbalance.com on port 443.
Publisher:
New Monte Inc  (signed by Ignore Idea Inc. LLC)

Product:
Installer

Version:
1, 0, 1059, 1

MD5:
cf7c761162d3180d8ea8f584417a4607

SHA-1:
ace4c36016d2f5409b6681c012d489d7b09295fa

SHA-256:
dace1b1371afaeb5d51c247864a406500c2e1a4b0c8f2acd3e164145f6beffcf

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/23/2024 10:37:00 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.ViaAdvertising (M)

Engine version:
17.3.16.11

File size:
3.3 MB (3,467,920 bytes)

Product version:
1.0.0.1

Copyright:
Copyright (C) 2015

Original file name:
Installer.exe

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\Program Files\simplefiles\uninstall.exe

Digital Signature
Authority:
Ignore Idea Inc. LLC

Valid from:
1/30/2016 12:15:37 AM

Valid to:
1/29/2017 12:15:37 AM

Subject:
CN=Ignore Idea LLC, OU=Ignore Idea LLC, O=Ignore Idea Inc. LLC, S=Manchester, C=UK

Issuer:
CN=Ignore Idea LLC, C=UK, S=Manchester, L=Manchester, E=admin@ignoreidea.com, OU=Ignore Idea LLC, O=Ignore Idea Inc. LLC

Serial number:
100001

File PE Metadata
Compilation timestamp:
1/25/2016 3:32:57 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

Entry address:
0x678013

Entry point:
E9, 12, C2, 0B, 00, A4, FA, 9F, 45, 4F, 4D, 6E, 74, CE, 0F, F2, DB, DF, 9F, E3, FB, 06, CB, 07, 26, 94, 1E, E3, 1E, E3, F6, 0B, E6, 9C, 32, EE, 5F, B3, D1, 9D, F7, FE, 03, C2, 3F, BA, 47, 92, 55, 33, CB, A6, D2, 31, CA, 7C, 62, 43, 91, C0, 89, 9A, 11, 80, 95, DB, 11, 79, B3, 96, DD, 45, 92, 60, 81, 1F, 00, 47, 0D, C0, 1D, EB, EE, 10, 94, 58, 0F, 1B, AC, C2, 23, AA, 00, E5, 84, B9, 48, A5, 42, 0E, 5F, 9B, E1, 63, 84, D8, 0F, 49, 33, 1D, CA, A2, 45, 07, 66, B4, B9, 7D, 6A, E6, 22, E0, 94, 32, 03, 17, 55, A7...
 

Entropy:
7.9129

Packer / compiler:
Xtreme-Protector v1.05

Code size:
1.5 MB (1,587,200 bytes)

Program Uninstaller
Program name:
SimpleFiles

Display publisher:
https://www.www.simples-files.com

Display version:
15.16.05

Uninstall string:
"C:\Program Files (x86)\SimpleFiles\Uninstall.exe"


The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to www.softologic.com  (174.37.181.31:80)

TCP (HTTP SSL):
Connects to www.ibbalance.com  (173.192.190.227:443)
