» checkupdate.exe
Overview
Analysis
File Details

checkupdate.exe

Finger Power Technology Co., Ltd.

The executable checkupdate.exe has been detected as malware by 3 anti-virus scanners.

File name:

checkupdate.exe

Publisher:

Finger Power Technology Co., Ltd. (signed and verified)

MD5:

3d88fe18e5ac8ee9f4b8d4a02b70b0f8

SHA-1:

fa7a9f13336c6430f82c14037eb52fc16781d5de

SHA-256:

51ed1f07a51d49d5c620c451377968aaa04c7ce2b4fe75d969e6606cdc5568aa

Scanner detections:

3 / 68

Status:

Malware

Analysis date:

1/12/2025 10:38:41 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Patched.Ren.Gen

8.3.3.4

avast!

Win32:Evo-gen [Susp]

2014.9-170308

AVG

Generic

2018.0.2446

File size:

359 KB (367,584 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\kingosoft\kingo root\update_27205\bin\checkupdate.exe

Digital Signature

Signed by:

Finger Power Technology Co., Ltd.

Authority:

Symantec Corporation

Valid from:

5/31/2016 7:00:00 AM

Valid to:

7/1/2017 6:59:59 AM

Subject:

CN="Finger Power Technology Co., Ltd.", OU=Development, O="Finger Power Technology Co., Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

2EC9B6209E7B6AC9D3A4DB1DC33852F3

File PE Metadata

Compilation timestamp:

7/13/2016 9:42:10 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

Entry address:

0x519C

Entry point:

E8, 92, 03, 00, 00, E9, 63, FD, FF, FF, 6A, 14, 68, 10, E0, 41, 00, E8, CE, 00, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, DC, 03, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, C4, 00, 00, 00, C2, 10, 00, 6A, 0C, 68, 30, E0, 41, 00, E8, 70, 00, 00, 00, 83, 65, E4, 00, 8B, 75, 0C, 8B, C6, 0F, AF, 45... 
[+]

Entropy:

6.1314

Code size:

21 KB (21,504 bytes)

Remove checkupdate.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.