home

Update.exe

AutoUpdate

Asiasoft Online Pte Ltd

The application Update.exe by Asiasoft Online Pte has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Asiasoft Online Pte Ltd  (signed and verified)

Product:
AutoUpdate

Version:
0.1.0.0

MD5:
396e51f47aeaac401081bf13abe6c55a

SHA-1:
45208a1eacefacdc0d39eb302794b2c2057923b8

SHA-256:
4929451017e23dcf8929c4e62c7b6ad2a829cea2906268985d15f84c419d954d

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/28/2024 2:56:02 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.AsiasoftOnlinePte (M)
16.1.5.20

File size:
55.4 KB (56,768 bytes)

Product version:
0.1.0.0

Copyright:
Copyright © 2015

Original file name:
Update.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\asiasoft online\playpark downloader\update.exe

Digital Signature
Signed by:
Asiasoft Online Pte Ltd

Authority:
GlobalSign nv-sa

Valid from:
11/6/2014 1:18:34 PM

Valid to:
11/7/2015 1:18:34 PM

Subject:
E=ensemble@asiasoft.net, CN=Asiasoft Online Pte Ltd, O=Asiasoft Online Pte Ltd, L=Singapore, S=Singapore, C=SG

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121316AC469EDBB903A2A501E45268109FD

File PE Metadata
Compilation timestamp:
10/27/2015 3:36:33 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:j2gwPAyv8kk7GXDbS5snwZj1IiGXv8kszYcHeImnPuW3:+Ayvjk7GXHS5snE1eXvjJIC3

Entry address:
0xA59E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 58, 00...
 
[+]

Entropy:
5.8140

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
33.5 KB (34,304 bytes)

Remove Update.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.