simpledriverupdatersetup.exe

Simple Driver Updater

Vapc Lux Sarl

The application simpledriverupdatersetup.exe, “Simple Driver Updater installer” by Vapc Lux Sarl, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This file is typically installed with the program Simple Driver Updater by SimpleStar. The file has been seen being downloaded from www.simplestar.com and multiple other hosts.

Publisher:
SimpleStar  (signed by Vapc Lux Sarl)

Product:
Simple Driver Updater

Description:
Simple Driver Updater installer

Version:
5.9.0.12

MD5:
e22b2282d34b5303603312d01624b50b

SHA-1:
1be3ccba5eaa6661888f01ba9cfbe6b9fedc7309

SHA-256:
5abed5aa7a4b672744ae4780ce3868b7669b4a020a864b79ad7c0d4eb30859d7

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/24/2024 12:07:36 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.SimpleStar (L)

Engine version:
16.10.17.22

File size:
7 MB (7,365,504 bytes)

Product version:
5.9.0.12

Copyright:
Copyright (c) 2016 SimpleStar. All Rights Reserved.

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\simpledriverupdatersetup.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
2/11/2016 4:11:14 PM

Valid to:
2/10/2017 4:57:32 PM

Subject:
E=Ludovic.trogliero@vapc.lu, CN=Vapc Lux Sarl, O=Vapc Lux Sarl, L=Luxembourg, C=LU

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112130BA28CC6DC89090DD3923776478D67D

File PE Metadata
Compilation timestamp:
4/10/2010 2:19:31 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:/Voi2ZBsQuNFkKkarEKP4fsrXYesm/cmvGf1qqf:/VbUiQuNFkbXOYq7GUqf

Entry address:
0x354B

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 84, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, B0, 82, 40, 00, 6A, 08, A3, 98, 06, 47, 00, E8, 67, 27, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, 05, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 86, 40, 00, FF, 15, 80, 81, 40, 00, 68, 04, 86, 40, 00, 68, A0, 85, 46, 00, E8, 35, 26, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 10, 4C, 00, 57, E8, 23, 26, 00, 00...
 

Packer / compiler:
Nullsoft install system v2.x

Code size:
25 KB (25,600 bytes)

The file simpledriverupdatersetup.exe has been discovered within the following program.

Simple Driver Updater  by SimpleStar
www.simplestar.com/support/simple-driver-updater
About 5% of users remove it
 

The file simpledriverupdatersetup.exe has been seen being distributed by the following 2 URLs.

http://www.simplestar.com/downloads/CID/.../SimpleDriverUpdaterSetup.exe
