au.exe

AutoUpdate

UltimateSpeedTester

The executable au.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
SoftNinjas  (signed by UltimateSpeedTester)

Product:
AutoUpdate

Version:
1.0.0.0

MD5:
cf14335d2ed796d1d260ddf970c93c02

SHA-1:
13d11ee7a003cf1d0b7ef1ed53d6c29194c8ff45

SHA-256:
2f803cfc9ca250a266c3e81ed0f733ec6278c819ce3e29d7048c1edd02c0dbbc

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/25/2024 5:35:04 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.8.2.14

File size:
31.6 KB (32,368 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © SoftNinjas 2014

Original file name:
AutoUpdate.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\roaming\ultimatespeedtester\au.exe

Digital Signature
Authority:
UltimateSpeedTester

Valid from:
12/24/2015 4:07:28 PM

Valid to:
12/21/2025 4:07:28 PM

Subject:
CN=UltimateSpeedTester, O=UltimateSpeedTester, S=Some-State, C=US

Issuer:
CN=UltimateSpeedTester, O=UltimateSpeedTester, S=Some-State, C=US

Serial number:
00D9492C315FD8655A

File PE Metadata
Compilation timestamp:
5/4/2015 3:43:56 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:lYrwGD5g6y7x1hiG7oNh12a8k1UEgQZEPzax3m5GkGmWo2fDA7owG46f0GNQ00Q7:lmwAMoTgQ8QNp0Qvd/8MbBjx2Hl6pp

Entry address:
0x830E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.7098

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
25 KB (25,600 bytes)

Remove au.exe - Powered by Reason Core Security