aspupdate

AOL Anti-spyware 2.0 Upgrade 2.0

America Online, Inc.

Publisher:
America Online, Inc.

Product:
AOL Anti-spyware 2.0 Upgrade 2.0

Description:
AOL Anti-spyware 2.0 Upgrade Build 2.0.6.2

Version:
2.0.6.2

MD5:
6daaf77c3ae767f53e24678da9df4c4f

SHA-1:
7e725286f275b4fe9116911ba59b4639a02e5634

SHA-256:
06ad7bc1cb4c27590bb8746f54a5e13cfbb3cf277ab77311e8b2a1956dff3a69

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/26/2024 12:47:23 AM UTC

Scan engine    Detection                 Engine version
Dr.Web         DLOADER.Trojan            9.0.1.0321
Quick Heal     (Suspicious) - DNAScan    11.14.14.00

File size:
9 MB (9,485,122 bytes)

Product version:
2.0.6.2

Copyright:
Copyright © 2005 - America Online, Inc. All Rights Reserved.

Trademarks:
AOL is a trademark of America Online, Inc.

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\virtualstore\Program Files\common files\aol\aol spyware protection\update\aspupdate

File PE Metadata
Compilation timestamp:
12/8/2005 12:11:33 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
196608:EchEWKpRcOKaca9KNlweguStFOVnZQ8vylO6CtrCZ6jANGv6mrXw:IZjca1J0VnZQ8q96ANGXrA

Entry address:
0x3AF4

Entry point:
83, EC, 20, 53, 55, 56, 57, 33, FF, 89, 7C, 24, 14, BB, 28, 8A, 40, 00, C6, 44, 24, 10, 20, FF, 15, 28, 80, 40, 00, 57, FF, 15, 98, 82, 40, 00, 68, 9C, 8B, 40, 00, 68, E0, 5B, 42, 00, A3, 90, 64, 42, 00, E8, AA, 25, 00, 00, BE, 00, D4, 42, 00, 56, BD, 00, 04, 00, 00, 55, FF, 15, E0, 80, 40, 00, E8, 29, FF, FF, FF, 85, C0, 75, 25, 68, FB, 03, 00, 00, 56, FF, 15, DC, 80, 40, 00, 68, 94, 8B, 40, 00, 56, FF, 15, A4, 80, 40, 00, E8, 08, FF, FF, FF, 85, C0, 0F, 84, 42, 02, 00, 00, BE, 00, C0, 42, 00, 56, FF, 15...
 

Entropy:
7.9998  (probably packed)

Code size:
26 KB (26,624 bytes)

The file aspupdate has been seen being distributed by the following URL.

Scan aspupdate - Powered by Reason Core Security