» DTUpdater.exe
Overview
Analysis
File Details
Programs (1)
Network (1)

DTUpdater.exe

Desktop Temperature Updater

System Alerts LLC

The application DTUpdater.exe, “DesktopTemperatureUpdater” by System Alerts has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Desktop Temperature Monitor by System Alerts LLC which is a potentially unwanted software program.

File name:

DTUpdater.exe

Publisher:

System Alerts LLC (signed and verified)

Product:

Desktop Temperature Updater

Description:

DesktopTemperatureUpdater

Version:

1.22.0.0

MD5:

b2ec9ccc4fb87a07cc83f334ce3cc32a

SHA-1:

9f8f4de47e802c753d2c8a86b4ffe1eb093280de

SHA-256:

51017792a91db02c5ea644355460a64247b501651490678a9416df269551514e

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

11/23/2024 8:10:36 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.SystemAlerts.J

14.9.30.19

File size:

20.2 KB (20,728 bytes)

Product version:

1.22.0.0

Original file name:

DTUpdater.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\desktoptemperature\dtupdater.exe

Digital Signature

Signed by:

System Alerts LLC

Authority:

COMODO CA Limited

Valid from:

11/12/2013 5:00:00 PM

Valid to:

11/13/2014 4:59:59 PM

Subject:

CN=System Alerts LLC, O=System Alerts LLC, STREET=250 Park Ave Ste 504, L=Minneapolis, S=MN, PostalCode=55415, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00D56696E8C583BF7F09BCCC24A2AB8310

File PE Metadata

Compilation timestamp:

9/10/2014 11:17:33 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

384:ys4cj38gJL5mr0Iv6U/JL0lrik/sCxMMC18D2k1Vu:y+jMw5o99GV/RxhD2k1Vu

Entry address:

0x4B1E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.9582

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

11 KB (11,264 bytes)

The file DTUpdater.exe has been discovered within the following programs.

Desktop Temperature Monitor by System Alerts LLC

The free version is ad-supported software (also known as adware) web browser plugin that displays advertisements such as coupon ads in the browser that are displayed on web pages that are not associated with the plugin or would not otherwise appear.

desktoptemperaturemonitor.com

74% remove it

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP SSL):

Connects to ec2-54-225-244-87.compute-1.amazonaws.com (54.225.244.87:443)

Remove DTUpdater.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.