home

SoftwareUpdater.Bootstrapper.exe

SoftwareUpdater.Bootstrapper

The application SoftwareUpdater.Bootstrapper.exe has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in.
Product:
SoftwareUpdater.Bootstrapper

Version:
2.4.1.3

MD5:
b2a9f03251ec8206ea3f0fe0e992f401

SHA-1:
a546ed8913e2d18ca49bf4a57082e6de4db3fcb3

SHA-256:
7b6912112e0c267e7308182410c00456ac9e1e87f5c858d58a02dd3765a6010f

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/5/2024 2:36:15 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.OneInstall.BB
14.3.28.15

File size:
75.5 KB (77,312 bytes)

Product version:
2.4.1.3

Copyright:
Copyright © 2012

Original file name:
SoftwareUpdater.Bootstrapper.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\softwareupdater\softwareupdater.bootstrapper.exe

File PE Metadata
Compilation timestamp:
11/27/2013 10:23:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:WzHAv41mbDHL1sjgyVGdSOhSqDod2yN+JeMznyV2Pe6GYlT27Nrnudo:+gywDpsHVSSUSUod/9MDyVSeR7gdo

Entry address:
0x1384E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
70.5 KB (72,192 bytes)

Scheduled Task
Task name:
Software Updater

Trigger:
Logon (Runs on logon)

Description:
Keeps installed software up to date. If you remove this task or the associated program your software will not be updated anymore.


The executing file has been seen to make the following network communications in live environments.

TCP (HTTP SSL):
Connects to s3-1-w.amazonaws.com  (52.216.81.216:443)

Remove SoftwareUpdater.Bootstrapper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.