» driver_updater.exe
Overview
Analysis
File Details
Downloads (3)

driver_updater.exe

Plugin Update S.L.

This is the Softpulse installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application driver_updater.exe by Plugin Update S.L has been detected as adware by 20 anti-malware scanners. The program is a setup application that uses the Softpulse SoftwareBundler installer. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.

File name:

driver_updater.exe

Publisher:

Plugin Update S.L. (signed and verified)

Version:

2.20.30.11

MD5:

21bbde0938cf529cc4eff143cd67a3ed

SHA-1:

2aecdfdc107255f10dbd2963d4386fbdba7990f6

SHA-256:

37241cbd349c8ecd1762e127453fe2afe452fc551c05a9a517a86e7636ddab6d

Scanner detections:

20 / 68

Status:

Adware

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

11/27/2024 10:38:34 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Application.Bundler.20

839

AhnLab V3 Security

PUP/Win32.SoftPulse

2014.10.19

Avira AntiVirus

APPL/Bundler.20

7.11.179.120

avast!

Win32:GenMalicious-ADB [PUP]

2014.9-141019

AVG

Generic

2015.0.3317

Bitdefender

Gen:Variant.Application.Bundler.20

1.0.20.1455

Dr.Web

Trojan.DownLoader11.36367

9.0.1.05190

ESET NOD32

Win32/SoftPulse (variant)

8.10584

F-Secure

Gen:Variant.Application.Bundler

11.2014-18-10_7

G Data

Gen:Variant.Application.Bundler.20

14.10.24

K7 AntiVirus

Unwanted-Program

13.184.13727

Kaspersky

not-a-virus:Downloader.Win32.DriverUpd

14.0.0.3075

Malwarebytes

PUP.Optional.DomaIQ

v2014.10.18.04

McAfee

Softpulse.a

5600.6973

MicroWorld eScan

Gen:Variant.Application.Bundler.20

15.0.0.873

NANO AntiVirus

Trojan.Win32.Agent.dguxty

0.28.2.62671

Norman

Kryptik.CDHN

11.20141018

Reason Heuristics

Threat.Win.Reputation.IMP

14.10.19.21

Sophos

SoftPulse

4.98

VIPRE Antivirus

Threat.4150696

33706

File size:

1.2 MB (1,230,768 bytes)

Product version:

2.20.30.11

File type:

Executable application (Win32 EXE)

Bundler/Installer:

Softpulse SoftwareBundler

Language:

English (United States)

Common path:

C:\users\{user}\downloads\driver_updater.exe

Digital Signature

Signed by:

Plugin Update S.L.

Authority:

VeriSign, Inc.

Valid from:

10/8/2014 1:00:00 AM

Valid to:

10/9/2015 12:59:59 AM

Subject:

CN=Plugin Update S.L., O=Plugin Update S.L., L=Guia de Isora, S=Santa Cruz de Tenerife, C=ES

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

0E923B9CF60DA59FC3A43A87A8071FC2

File PE Metadata

Compilation timestamp:

10/16/2014 11:33:49 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

24576:8QiuMT98w+0d82/wG4ZqItFPqh6pZRj35fdcuIMy:8/T9N2zsItFa6pZquA

Entry address:

0x7BC7

Entry point:

E8, DC, 40, 00, 00, E9, 7F, FE, FF, FF, E9, B5, 26, 00, 00, FF, 35, 40, BD, 44, 00, FF, 15, C8, 60, 41, 00, 85, C0, 74, 02, FF, D0, 6A, 19, E8, D3, 38, 00, 00, 6A, 01, 6A, 00, E8, 7D, 47, 00, 00, 83, C4, 0C, E9, 94, 47, 00, 00, 55, 8B, EC, 83, EC, 10, EB, 0D, FF, 75, 08, E8, D4, 47, 00, 00, 59, 85, C0, 74, 0F, FF, 75, 08, E8, A7, 2B, 00, 00, 59, 85, C0, 74, E6, C9, C3, 6A, 01, 8D, 45, FC, 50, 8D, 4D, F0, C7, 45, FC, 18, 24, 44, 00, E8, 4E, 2F, 00, 00, 68, 7C, 88, 44, 00, 8D, 45, F0, 50, C7, 45, F0, 10, 24... 
[+]

Entropy:

7.5262

Code size:

81.5 KB (83,456 bytes)

The file driver_updater.exe has been seen being distributed by the following 3 URLs.

http://uuljtc.95wdt0jvpk.com/rIgyC8zSdZQi0DSbQ6_k5sQZSuI9vg9-TQxP1MiJ8YKfT89MJ-nl7LA3GuSgmE2b12iGV_8xJehlYGXIaEyz1wo1lM4BkYi_S_B5Dy9Kh34?sbb=Coymr1s7Gdy5U6Kc2yTJ5ru81OW3MzcBQ3cNqXFoxa5Z9gMQ6HVY2CNTL52vRXV9ZGupUYZFbZoFoOODsrQQ2JuBBWBaSBpIkLd0N0BbhY9oQ8S2QpIQF8nCHYT5N7Jn0GGVXYFGlXGJGwy9SAbMfk2oi7AUfZAxOXSkV9MpXrntT8cPu3lly9IG78i3JPKbkw4g4UMbjOGfevgaOgx3pNNqO6mXtsJTcrVHIje7HJBVVhehHnhToKFt6ozWjpkoSnBAQMzE78KDdGnZbaIlDePTRlzjbYQl1vzqkAo5Amne1EGQXNYqgbDrGOUcXmX7JDXvpaGOUXysI6fWiwoTXhpZtkmPWnAV6Z14Povi74UIRRk4i1UlVhdwyzveadQihwZOXCSlojjDxU7m6pprz7mkEyU9lIrbklFXq9Ld1CrRqLnrwdzZzNqkixrAx6yEZn6KUfI5gZuece3Ctg5cbdAgTiJUHPw7NuPEEtgR8UN4LuvoOpn2cRxZkg8OxtyjElGOUZdiMEI8oak2YJXDPR8Ym9XJ8NCoojnDsiLJLC6DBFVNY6I5kEDcmOBR4qVFUqcFIU6W5OgW8oXwRifVNaCvD89hXPdYjrY7CJACOC1Ucjhif5iHqheFwyDKiXRRa7UBNI9IX4mONBipcXw9e5FF1CBAub1ujmreB29UDcmuNMGuStw48GabPTqvWRABVpikatSkEc7Cjll5ZiH6olNRp1XfLr66QqcBO1nHNukAFkVwYNVWRgneXuYopPr1dnSXHOgXtQdJOfxsxyCni61sHhrLcMjrbXrLy6CXlGIg2fcxnsG3HLbwTtvN22WnKY3p74pNH6HZMzcd7lp7Ts2eYIK

http://ttb.softpcdll.com/download/request/.../ey8pIpfk?PubID=79_2586_2121&ClickID=7660880551

http://lander.vopaa.pw/apx_flash/uk/.../UK DDL Driver Updater.php

Remove driver_updater.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.