unins000.exe

  • File Path: C:\Program Files\Greenshot\unins000.exe
  • Description: Setup/Uninstall

Hashes

Type Hash
MD5 D1A078992E232919EA834226AEA627A8
SHA1 53F5AF8C06721EF5B62F56037E3B57DC4B517EAF
SHA256 655DA9C7F64EF8F0F48160C76B8DC5443AABA63E8C6B3534A266E9CD5A18489F
SHA384 2772D4EDBF6A7BD4FFCF56CBBD2AC710C807AFF4055032C04E0A653B17B8569B9C8D0CA8E87187BAD6DB2062748135A9
SHA512 E056370322E58725961C024D1F322D31066BFFD8B8D77F80FC14D2B5861788EF00E5EBC3FA6F51A6B0A94BDB02E8FFFEA48926716275754DD77BBE0FB8E221F8
SSDEEP 24576:UtdAm9DUi/CR3wCkCiRgoG7hBaHkbEXXeG/jFt5HTx9/Y:sqTytRFk6ek1VW
IMP F62B90E31ECA404F228FCF7068B00F31
PESHA1 E49A5D19C56DB36683B927E01C75BC620A6C5353
PE256 B9CC89F6071061DC7A991777C483DE720302C60267D6CDCBD313DA96B9507ED8

Runtime Data

Child Processes:

_iu14D2N.tmp

Open Handles:

Path Type
(R-D) C:\Windows\System32\en-US\KernelBase.dll.mui File
(R-D) C:\Windows\System32\en-US\netmsg.dll.mui File
(R-D) C:\Windows\SysWOW64\en-US\user32.dll.mui File
(RW-) C:\Windows File
(RW-) C:\Windows\SysWOW64 File
(RW-) C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627 File
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0 Section
\Sessions\1\Windows\Theme2547664911 Section
\Windows\Theme3854699184 Section

Loaded Modules:

Path
C:\Program Files\Greenshot\unins000.exe
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\wow64.dll
C:\Windows\System32\wow64cpu.dll
C:\Windows\System32\wow64win.dll

Signature

  • Status: Signature verified.
  • Serial: 66C5DCC14B517809C172B44B7E9784F7
  • Thumbprint: 6DFA88FEDBA957855DB938B38082378F14C7CCCC
  • Issuer: CN=Certum Code Signing CA SHA2, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL
  • Subject: E=getgreenshot@gmail.com, CN=”Open Source Developer, Robin Krom”, O=Open Source Developer, C=DE

File Metadata

  • Original Filename:
  • Product Name:
  • Company Name:
  • File Version: 51.1052.0.0
  • Product Version:
  • Language: Language Neutral
  • Legal Copyright:
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: 0/67
  • VirusTotal Link: https://www.virustotal.com/gui/file/655da9c7f64ef8f0f48160c76b8dc5443aaba63e8c6b3534a266e9cd5a18489f/detection/

File Similarity (ssdeep match)

File Score
C:\Program Files (x86)\Audacity\unins000.exe 86
C:\Program Files (x86)\Foxit Software\Foxit Reader\unins000.exe 93
C:\Program Files (x86)\MediaMonkey\unins000.exe 90
C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe 90
C:\Program Files\PeaZip\unins000.exe 93
C:\Program Files\TeraCopy\unins000.exe 90
C:\Program Files\WinMerge\unins000.exe 90

MIT License. Copyright (c) 2020-2021 Strontic.