ALUpdate.exe

ALTools Updater

ESTsoft Corp.

This is installed with ALTools Update. The file has been seen being downloaded from aldn.altools.co.kr and multiple other hosts.
Publisher:
ESTsoft Corp.  (signed and verified)

Product:
ALTools Updater

Description:
ALTools Automatic Updater Program

Version:
10, 3, 10, 1

MD5:
6d193f3639b5a2b638672ed9469f5ae3

SHA-1:
dde0a89c5be38146ad55444793b975e976005d34

SHA-256:
e2b245348d6b3810fe1164d1da26e4433cf9a6c3076b8eb7bb9f197180b9883d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 5:40:57 AM UTC  (today)

File size:
813.3 KB (832,856 bytes)

Product version:
10, 3, 10, 1

Copyright:
Coryright (c) 2010 by ESTsoft Corp. All rights reserved.

Original file name:
ALUpdate.exe

File type:
Executable application (Win32 EXE)

Language:
Korean (Korea)

Common path:
C:\Program Files\estsoft\alupdate\alupdate.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
11/4/2009 4:00:00 PM

Valid to:
12/5/2010 3:59:59 PM

Subject:
CN=ESTsoft Corp., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ESTsoft Corp., L=Gwanak-gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7F37972EF9C4A45852B3AECC4F5EA9F6

File PE Metadata
Compilation timestamp:
3/10/2010 9:50:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:1/yuRbBR4XmwXUZPoEuGoQK5pRSjCIp3NxBiU3JloS4AaIy0hheK56:Rc6+35HSjHNxBV3JloS4Aly03ed

Entry address:
0x7E714

Entry point:
E8, DB, F1, 00, 00, E9, 16, FE, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 00, 19, 4C, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 00, 19, 4C, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B...
 
[+]

Entropy:
6.5370

Code size:
624 KB (638,976 bytes)

The file ALUpdate.exe has been discovered within the following program.

ALTools Update  by ESTsoft Corp.
ALTools Update is the automatic updater service for most ALTools products including the ALZip program.
advert.estsoft.com/?event=200904224447205
47% remove it
 
Powered by Should I Remove It?

The file ALUpdate.exe has been seen being distributed by the following 2 URLs.

http://aldn.altools.co.kr/altools/ALBN_CollectorFiles/2/PROGRAM/ESTsoft/ALUpdate//ALUpdate.exe

Scan ALUpdate.exe - Powered by Reason Core Security