avira_update_manager_en_2702.exe

Avira Operations GmbH & Co. KG

This is a setup program which is used to install the application. The file has been seen being downloaded from professional.avira-update.com.
Publisher:
Avira Operations GmbH & Co. KG  (signed and verified)

MD5:
c3b9ce380d4e9c16589317ec055b3923

SHA-1:
9b56adbcd113ef0676e1565c017006d07d4b0b3f

SHA-256:
92d67e18d79a58528d948f8c9d28bdc264684ec589bf81ed0168ec848bdee282

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/2/2024 7:21:56 PM UTC  (today)

File size:
13.8 MB (14,435,376 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\avira_update_manager_en_2702.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
7/20/2011 2:00:00 AM

Valid to:
7/20/2014 1:59:59 AM

Subject:
CN=Avira Operations GmbH & Co. KG, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Avira Operations GmbH & Co. KG, L=Tettnang, S=Baden Wuerttemberg, C=DE

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
54971FF238D2B866F27FC3FE6C9AD577

File PE Metadata
Compilation timestamp:
11/30/2005 10:08:44 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
393216:YWvHLdsdQ/v+JnH3kLFvveoGkdvmuuiMXpRW:fHJsdAvHhveoLNmaMXK

Entry address:
0x1000

Entry point:
E8, B7, 27, 00, 00, 50, E8, CB, 22, 01, 00, 00, 00, 00, 00, 90, 55, 8B, EC, 53, 56, 57, 8B, 7D, 10, 8B, 5D, 0C, 8B, 75, 08, 8B, D3, FF, 75, 14, 68, E5, 40, 41, 00, 6A, 00, 6A, 00, 8B, C6, 8B, CF, E8, 42, 43, 00, 00, 81, EB, 10, 01, 00, 00, 74, 05, 4B, 74, 14, EB, 57, FF, 75, 14, 6A, 66, 56, E8, 1C, 25, 01, 00, B8, 01, 00, 00, 00, EB, 47, 66, 81, E7, FF, FF, 66, FF, CF, 74, 07, 66, FF, CF, 74, 23, EB, 30, 68, 80, 00, 00, 00, 68, D4, 50, 41, 00, 6A, 65, 56, E8, 62, 24, 01, 00, 6A, 01, 56, E8, 3C, 24, 01, 00...
 
[+]

Code size:
76 KB (77,824 bytes)

The file avira_update_manager_en_2702.exe has been seen being distributed by the following URL.

Scan avira_update_manager_en_2702.exe - Powered by Reason Core Security