updateinstaller.exe

Artem Izmaylov

This is a setup and installation application. The file has been seen being downloaded from aimp.com.pl and multiple other hosts.
Publisher:
Artem Izmaylov  (signed and verified)

MD5:
a3c6b2bbde04239b87f53f19a9807ec4

SHA-1:
c93439798ab376e96c40ce04a9dfeff02784e19f

SHA-256:
4ad2c03e4b28e7f239c115895b287a8eb15ff1993deac8acb4d139171317bb25

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/24/2024 4:22:20 PM UTC  (today)

File size:
7.2 MB (7,551,384 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\aimp3\updateinstaller.exe

Digital Signature
Signed by:

Authority:
StartCom Ltd.

Valid from:
11/6/2012 6:28:30 PM

Valid to:
11/8/2014 12:36:54 AM

Subject:
E=artem@aimp.ru, CN=Artem Izmaylov, L=Tula, S=Tula Oblast, C=RU, Description=N0TtN9z9A3cgEBOy

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
07ED

File PE Metadata
Compilation timestamp:
5/17/2012 12:46:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
196608:MiDJea+XuD59jgRx9H6/F3KBiCTWHPtgWoKK:M+1rDvAxAbCToOWtK

Entry address:
0x12C2F

Entry point:
55, 8B, EC, 6A, FF, 68, 78, 5C, 41, 00, 68, C0, 2D, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, A0, 41, 41, 00, 59, 83, 0D, 44, A9, 41, 00, FF, 83, 0D, 48, A9, 41, 00, FF, FF, 15, A4, 41, 41, 00, 8B, 0D, 3C, 89, 41, 00, 89, 08, FF, 15, A8, 41, 41, 00, 8B, 0D, 38, 89, 41, 00, 89, 08, A1, AC, 41, 41, 00, 8B, 00, A3, 40, A9, 41, 00, E8, 1D, 01, 00, 00, 39, 1D, 30, 87, 41, 00, 75, 0C, 68, B8, 2D, 41, 00, FF, 15, B0, 41...
 
[+]

Entropy:
7.9986

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
72.5 KB (74,240 bytes)

The file updateinstaller.exe has been discovered within the following program.

AIMP3  by AIMP DevTeam
AIMP is a free audio player for Windows. In version 3, AIMP got its own audio engine, and full support for ReplayGain was added. Also, the music library interface was revamped, with new transparency effects.
www.aimp.ru
1% remove it
 
Powered by Should I Remove It?

The file updateinstaller.exe has been seen being distributed by the following 12 URLs.

http://aimp.com.pl/index.php/.../download?func=download&id=458&chk=7c6b1e41cc6a97b56b09c755b41966c2&no_html=1

http://ftp-stahuj.centrum.cz/dl/eba68ec82b9de4581fa3b595df471e87/5247298a/stahuj/download/software/secured/a/aimp-classic/.../aimp_3.51.1288.exe

Scan updateinstaller.exe - Powered by Reason Core Security