» googleupdater_2_4_1591.exe
Overview
Analysis
File Details
Downloads (1)

googleupdater_2_4_1591.exe

Google Inc

This is a setup program which is used to install the application. The file has been seen being downloaded from dw4.uptodown.com.

File name:

Publisher:

Google Inc (signed and verified)

MD5:

f7af2b8e65d92f9e58a1efd39bf76bed

SHA-1:

8b5ce802d1b680400994f4fdc2d41e8237f2be96

SHA-256:

5ea92bbb0820bf0f851ccebbddbdcbd054b50cb72bc8aa83068fb9a980bcf8ed

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:

11/2/2024 5:27:14 PM UTC (today)

File size:

796.3 KB (815,376 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\googleupdater_2_4_1591\googleupdater_2_4_1591.exe

Digital Signature

Signed by:

Google Inc

Authority:

VeriSign, Inc.

Valid from:

7/9/2006 7:30:00 PM

Valid to:

7/10/2007 7:29:59 PM

Subject:

CN=Google Inc, OU=Digital ID Class 3 - Netscape Object Signing, O=Google Inc, L=Mountain View, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

0FE7C5F7C10716F0A4EB0D4B4D581371

File PE Metadata

Compilation timestamp:

4/24/2007 7:04:53 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

24576:gkjNFAsR6Hcpr8fzMvVXfuFkKyUhd0sksoRMaKMM6:zF16HB7MtXWryU/0dCaKMM6

Entry address:

0x220C

Entry point:

B8, B8, B2, 72, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, AC, 51, AD, 62, 21, E1, 21, B6, 8A, 1C, 2B, E0, 99, AD, 1D, 72, 02, F7, E9, F1, D2, 69, 1B, F6, BE, 6D, 30, 57, 7C, 9E, 8D, 28, A1, 81, 2F, 89, A4, 2F, D2, 52, E1, 7D, 34, 73, 81, 88, 41, 48, 34, FE, 89, 6C, C1, 58, E5, 39, 84, D2, 5F, 24, 11, 33, 26, 1D, 0D, 2F, E8, C5, FC, 6F, 8E, F4, 64, 4C, 23, 92, 50, A8, B0, BA, 27, 7B, 60, 0B, 93, 44, C9, 9C, D8, FD, 2F, B4, FD... 
[+]

Packer / compiler:

PECompact v2

Code size:

34.5 KB (35,328 bytes)

The file googleupdater_2_4_1591.exe has been seen being distributed by the following URL.

http://dw4.uptodown.com/dw/1448347639/.../google-updater-2.1.843.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.