Update.exe

Zen Update

K.D.K. Softwares (I) Pvt. Ltd.

According to AVG, this software downloads additional adware offers during setup.

Publisher:
K.D.K. Softwares (I) Pvt. Ltd.

Product:
Zen Update

Version:
6.06.0003

MD5:
e6dc6a618a84a8c6eee45f6bbb85709a

SHA-1:
14e7763b4053118ed70afd2802176bd53aa27e93

SHA-256:
bb36825ad6e7baca86cac8614156d31b1cfa7545d49a03ce658a8afc4c1bf738

Scanner detections:
4 / 68

Status:
Inconclusive (not enough data for an accurate detection)

Analysis date:
11/15/2024 7:17:09 PM UTC

Scan engine       Detection                                    Engine version
AVG               Downloader.Generic13                         2015.0.3250
F-Prot            W32/VB.FJ.gen                                v6.4.7.1.166
Rising Antivirus  PE:Trojan.Win32.Generic.14C7E369!348644201   23.00.65.141223
VIPRE Antivirus   Trojan.Win32.VB                              31654

File size:
476 KB (487,424 bytes)

Product version:
6.06.0003

Original file name:
Update.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\k.d.k. software\kdk support\update.exe

File PE Metadata
Compilation timestamp:
6/7/2011 6:08:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:Z3OnI2caT+aLwjBbZoTFS8nGzIgPc1iq478mSvL5Fx7b06+Mt6twbZD:oiaT+aLwQ/yX78l+Bt

Entry address:
0x36F4

Entry point:
68, E8, 3B, 40, 00, E8, F0, FF, FF, FF, 00, 00, 40, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, 3B, C8, FF, DB, CB, 3D, 00, 49, A0, 73, C5, 6E, B4, C2, E2, B4, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 49, 00, 06, 50, 83, 01, 55, 70, 64, 61, 74, 65, 00, 01, 00, 00, 00, 00, 0C, 80, 3D, 01, 00, 00, 00, 00, 88, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 05, 00, 00, 00, A9, 53, 48, DF, E6, 83, 59, 4B, A7, 88, 50, AE, 24, CF, 3F, 24, 01, 00, 00, 00, 90, 00, 00, 00, A0, 00, 00, 00, 01, 00, 00, 00...
Entropy:
6.0088

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
464 KB (475,136 bytes)

The file has been observed making the following network connections in live environments.

TCP (HTTP):
Connects to 68-233-237-110.static.hvvc.us (68.233.237.110:80)
