outboatupdate.exe

Shulan Hou

The application outboatupdate.exe by Shulan Hou has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It runs as a scheduled task named OutboatUpdateTaskMachineCore under the Windows Task Scheduler, triggered by a time event.
Publisher:
Shulan Hou  (signed and verified)

MD5:
a165115e8fd14eb5ad15211ae7338009

SHA-1:
75f7a067542e584ec6559e28837ebcea4e4a6b3c

SHA-256:
ac9476b465f9d0ea30048d0950fad0fd94b9e8c23bd35c107251ccbb52c007d8

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/24/2024 3:57:01 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.ELEX (M)

Engine version:
16.8.5.8

File size:
558.4 KB (571,776 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\outboat\update\outboatupdate.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
8/4/2016 2:00:00 AM

Valid to:
6/14/2017 1:59:59 AM

Subject:
CN=Shulan Hou, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
1B471CD0973DAEB038ECC7D56538602F

File PE Metadata
Compilation timestamp:
8/5/2016 4:24:55 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
12288:7mC4lbbOp3wnIYQl5TLwL+U2aX6AAGmAnAtzyKw8/knn8typQnZkQ7:SC4Rowni5TLrfaP5OyKwcknHkkQ7

Entry address:
0x4556E

Entry point:
A0, B6, 3C, 00, 00, BA, E8, 9B, A8, CD, C7, 7F, 92, 80, 2C, 00, C0, 7A, 9F, 2C, E6, 34, 00, 00, 00, 00, 3C, 08, 6D, 66, 01, C1, A6, 37, 36, B9, F4, 3B, 2C, 90, 0C, 00, 00, 00, 00, E8, 13, 16, 34, 71, 2E, 67, 66, 34, 1D, 60, E2, 60, E4, D1, 96, 11, C3, 20, 00, 64, F7, 68, A5, 3F, BF, AD, 22, B7, C8, 94, B7, 90, B4, 72, 95, 37, CB, 00, 00, 00, 00, A8, 89, 13, 0E, 98, 7E, 00, 00, 00, 00, B4, 73, 45, 5F, 43, 01, 73, 3E, 6B, 0C, 1D, CA, 42, EC, A3, 96, 1B, D8, 27, 00, 04, A4, 03, E1, 65, A7, CD, 4D, A6, 8D, 06...
 

Code size:
427 KB (437,248 bytes)

Scheduled Task
Task name:
OutboatUpdateTaskMachineCore

Trigger:
Time

