home

Uninstall.exe

点滴天气

刘诗诗

This is a setup and installation application.
Publisher:
刘诗诗  (signed and verified)

Product:
点滴天气

Description:
点滴天气卸载程序

Version:
1.0.0.0

MD5:
e16b9671929ce77f1e15b6c87f992697

SHA-1:
bf6256a7768b10d0df837ba649d8680caf795cc3

SHA-256:
fce58f0216f1d80e840161cbca13aea2085544750bf41999bb664d80a563cd37

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/23/2024 11:29:53 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Trend Micro House Call
Suspicious_GEN.F47V1228
7.2.185

File size:
311.1 KB (318,616 bytes)

Product version:
1.0.0.0

Original file name:
Uninstall.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\dayweather\uninstall.exe

Digital Signature
Signed by:
刘诗诗

Authority:
WoSign CA Limited

Valid from:
6/11/2014 4:48:01 PM

Valid to:
6/11/2015 4:48:01 PM

Subject:
CN=刘诗诗, E=5011net@sina.com, L=常山县, S=浙江省, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
05767A56D82D3A4015513D7E7534F5F1

File PE Metadata
Compilation timestamp:
12/10/2014 4:58:27 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
6144:oUzTetkKvacFIQceJWJv+PXt+IF1g7htlV7k/a9yq:Rz+kKycKvmPXt+gg7zAOX

Entry address:
0xA8FD

Entry point:
E8, DF, 04, 00, 00, E9, 49, FE, FF, FF, 3B, 0D, 0C, 30, 41, 00, 75, 02, F3, C3, E9, 17, 06, 00, 00, FF, 25, 58, D2, 40, 00, 83, 3D, 04, 3D, 41, 00, 00, 74, 03, 33, C0, C3, 56, 6A, 04, 6A, 20, FF, 15, A4, D1, 40, 00, 59, 59, 8B, F0, 56, FF, 15, 90, D0, 40, 00, A3, 04, 3D, 41, 00, A3, 00, 3D, 41, 00, 85, F6, 75, 05, 6A, 18, 58, 5E, C3, 83, 26, 00, 33, C0, 5E, C3, 6A, 14, 68, D8, 10, 41, 00, E8, FC, 01, 00, 00, 83, 65, DC, 00, FF, 35, 04, 3D, 41, 00, 8B, 35, C0, D0, 40, 00, FF, D6, 89, 45, E4, 83, F8, FF, 75...
 
[+]

Entropy:
7.6036

Code size:
45 KB (46,080 bytes)

Scan Uninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.