uninstall.exe

Forden Limited

The application uninstall.exe by Forden Limited has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is the uninstaller utility registered in the Windows Control Panel for the program Smart Menu by Smart Menu.
Publisher:
Forden Limited  (signed and verified)

MD5:
9c0b53d6f4737469a8ca3fd03582eb67

SHA-1:
bca0d2b2dea324be5626abf38330494ee2088744

SHA-256:
51106df77dc742c635a9502fd8530be415f77eac7eb66eb033e1cafa6f392f1a

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/15/2024 10:42:33 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic
16.2.6.21

File size:
158.5 KB (162,336 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\Program Files\smart menu\uninstall.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
9/30/2013 7:00:00 AM

Valid to:
10/1/2015 6:59:59 AM

Subject:
CN=Forden Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Forden Limited, L=Hong Kong, S=Hong Kong, C=HK

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6461487D97F357A58308D95A226D26EC

File PE Metadata
Compilation timestamp:
12/6/2009 5:50:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:7gXdZt9P6D3XJ5ceAbw6Kfebfi1mvPUXVOsfo79:7e34Xmbw6KGbq6sfo79

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
5.4880

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

Program Uninstaller
Program name:
Smart Menu

Display publisher:
Smart Menu

Display version:
4.0

Uninstall string:
"C:\Program Files\Smart Menu\Uninstall.exe"


Remove uninstall.exe - Powered by Reason Core Security