_eupdate_13.3.2.2700.exe

Skytouch Technology Co., Limited

The application _eupdate_13.3.2.2700.exe by Skytouch Technology Co., Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Skytouch Technology Co., Limited  (signed and verified)

Version:
10.2.0.2610

MD5:
51e9b4b130074758079617d58ba3e759

SHA-1:
a315f34b9802ac24608b26888716c8efde23834a

SHA-256:
555fde0c07dde3d7a31293a2e93c675398bbccec175329b01155c8cc0416325b

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/24/2024 11:52:20 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.ELEX (M)
16.8.3.17

File size:
692.6 KB (709,240 bytes)

Product version:
10.2.0.2610

Copyright:
Copyright (C) 2013

Original file name:
eUpdate.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\esafe\_eupdate_13.3.2.2700.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
7/8/2013 10:29:59 AM

Valid to:
7/9/2014 10:29:59 AM

Subject:
CN="Skytouch Technology Co., Limited", O="Skytouch Technology Co., Limited", L=HongKong, S=HongKong, C=HK

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11216078022FA91C0EB61326E0E8FDBE9C30

File PE Metadata
Compilation timestamp:
8/21/2013 1:11:53 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:j3lwFi3OwrVPbMdKVwgv21UJXW6BgZCaaNt+HBVeF+g7c0JQ2BQoIgbUQ3eB3B8l:7smPbn2CptgYl+HBsF+gXJVZJbU1rG

Entry address:
0xED2A9

Entry point:
E8, DD, 06, 07, 00, 68, 7C, A3, 02, C0, 46, E8, 31, 44, FE, FF, 60, C7, 44, 24, 1C, 83, 96, 4C, F6, FF, 34, 24, 50, 8D, 64, 24, 24, E9, 2E, AD, 07, 00, 68, 19, 66, 9D, AD, C7, 44, 24, 30, DE, 35, 18, 82, FF, 74, 24, 08, 88, 3C, 24, 66, C7, 44, 24, 08, C1, 13, 8D, 64, 24, 34, E9, A2, A9, 07, 00, 66, 0F, BA, E1, 0E, 80, FC, 05, 9C, E8, B7, FE, 06, 00, 9C, 60, 89, 7C, 24, 20, E8, A4, 04, 07, 00, E8, 12, DF, 06, 00, F4, 99, F6, A5, 43, C1, 54, 56, 13, 90, 3C, DA, 89, 52, DD, 7F, 71, F5, B6, 2C, 90, 78, A3, C5...
 
[+]

Code size:
129 KB (132,096 bytes)

Remove _eupdate_13.3.2.2700.exe - Powered by Reason Core Security