update8.exe

This is a setup program which is used to install the application. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘qwupdate’. The file has been seen being downloaded from www.fplayer.net.
MD5:
37e3b851dfc881424f4d80c452d11685

SHA-1:
482b4ce8adeacba8129759fa48d8b5f75ef4fcd0

SHA-256:
fb31084b08546326d1b3d3d6708783b804093db542fa2dc4429338a552524ec0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 4:49:50 AM UTC  (today)

File size:
68 KB (69,632 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\free cuda video converter 7\bin\data\bin\update8.exe

File PE Metadata
Compilation timestamp:
12/25/2013 5:20:23 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1536:ZFLs+WMXKlQbRrKRHrmEMJ4MQzRMK0yIRodDQqOVBY:LzWHQbBfH4MQzRMK0OdDNOVBY

Entry address:
0x856F

Entry point:
E8, 94, 03, 00, 00, E9, 36, FD, FF, FF, 6A, 14, 68, A8, C9, 40, 00, E8, C7, 00, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, D9, 03, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, BD, 00, 00, 00, C2, 10, 00, 6A, 0C, 68, C8, C9, 40, 00, E8, 69, 00, 00, 00, 83, 65, E4, 00, 8B, 75, 0C, 8B, C6, 0F, AF, 45...
 
[+]

Code size:
35 KB (35,840 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
qwupdate

Command:
C:\Program Files\free cuda video converter 7\bin\data\bin\update8.exe


The file update8.exe has been discovered within the following programs.

WinRAR 5.21 (32-bit)  by win.rar GmbH
www.rarlab.com
6% remove it
WinRAR archiver  by win.rar GmbH
WinRAR archiver is a shareware file archiver that is able to create RAR archives natively.
12% remove it
yadfr.sourceforge.net
About 5% of users remove it
YoWindow  by RepkaSoft
Publisher's description - “YoWindow is a full featured weather program with beautiful graphics. The magic of YoWindow is living landscapes that reflect the weather. Just like in your window. In YoWindow you can even scroll time forward to see the weather forecast.”
yowindow.com
2% remove it
Zappit!  by Cloudeight Internet, LLC.
www.zappit.net
About 1% of users remove it
Z-DATDump  by IMU Andreas Baumann
www.tape-backup.de
About 8% of users remove it
ZipGenius 6.3  by Wininizio.it Software
www.zipgenius.it
About 1% of users remove it
Publisher's description - “Zoom Player is the most Powerful, Flexible and Customizable Media Player application for the Windows PC platform. Based on our highly-touted Smart Play technology, more media formats play with less hassle, improved stability and greater performance.”
www.inmatrix.com/files/zoomplayer_download.shtml
24% remove it
 
Powered by Should I Remove It?

The file update8.exe has been seen being distributed by the following URL.

Scan update8.exe - Powered by Reason Core Security