» softwareupdater.ui.exe
Overview
Analysis
File Details
Behaviors (1)
Network (2)

softwareupdater.ui.exe

SoftwareUpdater

The application softwareupdater.ui.exe has been detected as a potentially unwanted program by 2 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in. While running, it connects to the Internet address blob.am5prdstr02a.store.core.windows.net on port 80 using the HTTP protocol.

File name:

Product:

SoftwareUpdater

Description:

Software Updater

Version:

2.4.1.3

MD5:

dd8f8a9a6409ed700cf85a1794507f3c

SHA-1:

bbcf8d6a3eb3087291c541fd946bf98928dcecc7

SHA-256:

a0d14ec5469651d3050c2471ec5b88a03adba694e708b73782b020027cd04a03

Scanner detections:

2 / 68

Status:

Potentially unwanted

Analysis date:

2/26/2025 12:56:17 AM UTC (today)

Scan engine

Detection

Engine version

Boost by Reason

Optional.Task.R

188838

Reason Heuristics

PUP.Downloader.Meta

15.4.25.22

File size:

1.2 MB (1,305,088 bytes)

Product version:

2.4.1.3

Original file name:

SoftwareUpdater.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\softwareupdater\softwareupdater.ui.exe

File PE Metadata

Compilation timestamp:

11/27/2013 10:24:00 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

24576:0Rz3sVAzcLuuuuuuuuuuuuuuuuuuuuuuuuuuudeht/9+AsVAzcLuuuuuuuuuuuud:MsVAAzht/7sVAA

Entry address:

0xB64FE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

721.5 KB (738,816 bytes)

Scheduled Task

Task name:

Software Updater Ui

Trigger:

Logon (Runs on logon)

Description:

Provides a graphical user interface for software updates.

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to blob.am5prdstr02a.store.core.windows.net (40.68.232.24:80)

TCP (HTTP):

Connects to s3-3-w.amazonaws.com (54.231.133.137:80)

Remove softwareupdater.ui.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.