» checkupdate.exe
Overview
Analysis
File Details

checkupdate.exe

Finger Power Technology Co., Ltd.

The executable checkupdate.exe has been detected as malware by 1 anti-virus scanner.

File name:

checkupdate.exe

Publisher:

Finger Power Technology Co., Ltd. (signed and verified)

MD5:

bdaa4e3cf6001bbf8a57c7a500bb5551

SHA-1:

28ad1dfb0fbc70fc99c40e8a18831e908d447583

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

11/27/2024 4:20:43 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Threat.Win.Reputation.IMP

17.3.10.10

File size:

532.5 KB (545,242 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Documents and Settings\{user}\Application data\kingosoft\kingo root\update_54326\bin\checkupdate.exe

Digital Signature

Signed by:

Finger Power Technology Co., Ltd.

Authority:

Symantec Corporation

Valid from:

5/31/2016 4:30:00 AM

Valid to:

7/1/2017 4:29:59 AM

Subject:

CN="Finger Power Technology Co., Ltd.", OU=Development, O="Finger Power Technology Co., Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

2EC9B6209E7B6AC9D3A4DB1DC33852F3

File PE Metadata

Compilation timestamp:

7/13/2016 7:12:10 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

Entry address:

0x5D000

Entry point:

68, BC, CA, 71, 00, 58, 90, 90, BE, 20, D0, 45, 00, 68, 98, 05, 00, 00, 5F, 90, FF, 34, 3E, 31, 04, 24, 8F, 04, 3E, 4F, 83, EF, 03, 90, 75, F0, 54, B7, 70, 00, BC, CA, 71, 00, BC, CA, 31, 00, 20, 9B, 71, 00, 5C, 51, 74, 00, 66, 6B, 74, 00, BC, 7A, 73, 00, BD, CA, 71, 00, AC, BA, 31, 00, 8E, DA, 33, 00, A4, DA, 33, 00, 24, 03, 70, 00, 8C, DA, 73, 00, AA, DA, 73, 00, AC, 92, 71, 00, 8C, DA, 73, 00, AA, DA, 73, 00, BC, CA, 71, 00, BC, CA, 71, 00, BC, CA, 71, 00, BC, CA, 71, 00, BC, CA, 71, 00, BC, CA, 71, 00... 
[+]

Entropy:

6.9594

Code size:

21 KB (21,504 bytes)

Remove checkupdate.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.