AppsUpdater.exe

Updater Software

The application AppsUpdater.exe has been detected as adware by 9 anti-malware scanners. While running, it connects to the Internet address rack11u24.hispaweb.net on port 8002.
Product:
Updater Software

Version:
1.1.0.5

MD5:
b6b3b7e4bd513236454d74ff084e6107

SHA-1:
1ff0a121a9118c21eab71317f1ba6e73c23b3bae

SHA-256:
ef6c8c557d8a885c4ec9cae40b8c118f191d72db9b955cf645a15c0304916668

Scanner detections:
9 / 68

Status:
Adware

Explanation:
Bundles additional software, mostly toolbars and other potentially unwanted applications using the Vittalia monitization installer.

Analysis date:
11/23/2024 3:48:44 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Dropper-gen [Drp]
140929-0

Baidu Antivirus
PUA.MSIL.Vittalia
4.0.3.14930

ESET NOD32
MSIL/Vittalia.D potentially unwanted application
7.0.302.0

IKARUS anti.virus
PUA.Vittalia
t3scan.1.7.8.0

K7 AntiVirus
Trojan
13.183.13521

Malwarebytes
PUP.Optional.Vittalia
v2014.09.30.10

McAfee
Artemis!B6B3B7E4BD51
5600.6992

Reason Heuristics
PUP.OneInstall.L
14.9.24.10

Sophos
Vittalia
4.98

File size:
194 KB (198,656 bytes)

Product version:
1.1.0.5

Copyright:
Copyright © 2014

Original file name:
AppsUpdater.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\softwareupdater\appsupdater.exe

File PE Metadata
Compilation timestamp:
6/25/2014 7:43:21 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:9Vz7wEDt+RmMkv74L4zNXL448DtA7QVwXt+o52:bz7wEDt+RmMkv74L4zNXL448DtA7QVwx

Entry address:
0x2F45E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
181.5 KB (185,856 bytes)

The executing file has been seen to make the following network communication in live environments.

TCP:
Connects to rack11u24.hispaweb.net  (93.189.33.215:8002)

Remove AppsUpdater.exe - Powered by Reason Core Security