uninstaller.exe

Mpagosx, S.L.

The application uninstaller.exe by Mpagosx, S.L has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program Yaimo Search Engine by Mpagosx,S.L.. The file has been seen being downloaded from 100classicgames.com and multiple other hosts.
Publisher:
Mpagosx, S.L.  (signed and verified)

MD5:
ac5ea92e91b9629d879ee42b538126c2

SHA-1:
cd4626b647b7d077653a28b088aca12448858bc7

SHA-256:
9f6917f66a8c4e028ba120409fb71ebf590482797387f060d153d9cc183b69c3

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/26/2024 12:16:48 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Mpagosx.Installer (M)
16.1.19.7

File size:
741.3 KB (759,112 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\yaimo\uninstaller.exe

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
9/30/2013 9:00:00 PM

Valid to:
10/6/2014 9:00:00 AM

Subject:
CN="Mpagosx, S.L.", O="Mpagosx, S.L.", L=Cornella de Llobregat, S=Barcelona, C=ES

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
03CACC59110CD7A6D5B2E5BEDBE8D8C7

File PE Metadata
Compilation timestamp:
7/23/2014 4:17:03 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:S0P8OANfjd/GljBJZnb0b+/6maer1lWqY1/lt5Snrndwtk4TPQ:S0P8OA9jdO7Lb0b66mam1lWBl5eMTI

Entry address:
0x81AEF

Entry point:
E8, D2, 8B, 00, 00, E9, 7B, FE, FF, FF, 3B, 0D, 4C, 17, 4B, 00, 75, 02, F3, C3, E9, F2, 22, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, 18, 48, 4B, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, B0, 17, 4B, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, 18, 48, 4B, 00, 00, 0F...
 
[+]

Code size:
623.5 KB (638,464 bytes)

Program Uninstaller
Program name:
Yaimo Search Engine

Display publisher:
Mpagosx,S.L.

Uninstall string:
C:\Program Files (x86)\Yaimo\Uninstaller.exe


The file uninstaller.exe has been seen being distributed by the following 2 URLs.

http://100classicgames.com/dwn/install/.../uninstaller.exe

Remove uninstaller.exe - Powered by Reason Core Security