» uninstall.exe
Overview
Analysis
File Details
Behaviors (1)

uninstall.exe

BETTERBRAIN

This is part of the InfoAtoms browser extension which will display variopus forms of advertising in the web browser by injecting new ads such as banner, text-links and search results. The application uninstall.exe, “Better Brain Setup” by BETTERBRAIN has been detected as adware by 11 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is the uninstaller utility registered in the Windows Control Panel for the program Better Brain 1.10.0.5 by Better Brain.

File name:

uninstall.exe

Publisher:

Better Brain (signed by BETTERBRAIN)

Product:

Better Brain

Description:

Better Brain Setup

Version:

1.10.0.5

MD5:

380dc58852767fbb97bca8d2249944a3

SHA-1:

db58227f7788521f624e8831cb4c54f38d563bf1

SHA-256:

ac37d9a8b0c1a39f827a0a3503c5a91c19d020c226c7fb243cc931b3780d07a9

Scanner detections:

11 / 68

Status:

Adware

Analysis date:

1/12/2025 5:07:15 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Vitruvian.E

769

AVG

Generic

2015.0.3247

Bitdefender

Adware.Vitruvian.E

1.0.20.1805

Emsisoft Anti-Malware

Adware.Vitruvian

8.14.12.27.06

F-Secure

Adware.Vitruvian.E

11.2014-27-12_7

G Data

Adware.Vitruvian

14.12.24

Malwarebytes

PUP.Optional.BetterBuy.A

v2014.12.27.06

MicroWorld eScan

Adware.Vitruvian.E

15.0.0.1083

nProtect

Adware.Vitruvian.E

14.12.24.01

Reason Heuristics

PUP.Installer.BETTERBRAIN.J

14.12.27.18

Trend Micro House Call

Suspicious_GEN.F47V1223

7.2.361

File size:

308.6 KB (315,992 bytes)

Product version:

1.10.0.5

Original file name:

betterbrain-setup.exe

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Language Neutral

Common path:

C:\Program Files\betterbrain_1.10.0.5\uninstall.exe

Digital Signature

Signed by:

BETTERBRAIN

Authority:

GlobalSign nv-sa

Valid from:

9/3/2014 3:15:03 PM

Valid to:

9/3/2016 3:15:03 PM

Subject:

E=support@betterbrainapp.com, CN=BETTERBRAIN, O=BETTERBRAIN, L=Dover, S=DE, C=US

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11217924DDD48F0F11FE570A7383DB34E9EF

File PE Metadata

Compilation timestamp:

12/5/2009 4:52:06 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

6144:rSNLQ1C/h8lAy1WJYFTwVKzuuU9wsf0ZWH0A1:8sC/h8ZIYhwVQuuUP

Entry address:

0x323C

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 6F, 44, 00, E8, 09, 2C, 00, 00, A3, A4, 6E, 44, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, 9C, 42, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 2E, 44, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, F0, 46, 00, 50, 57, E8, AA, 28, 00, 00... 
[+]

Entropy:

7.1307

Packer / compiler:

Nullsoft install system v2.x

Code size:

23 KB (23,552 bytes)

Program Uninstaller

Program name:

Better Brain 1.10.0.5

Display publisher:

Better Brain

Display version:

1.10.0.5

Uninstall string:

C:\Program Files (x86)\BetterBrain_1.10.0.5\Uninstall.exe

Remove uninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.