updater.exe

SIEN INTERNET PRODUCTS LTD

The application updater.exe, “updater 2.7.4 © Air Privacy Shield, Inc, 2014” by SIEN INTERNET PRODUCTS has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Air Privacy Shield  (signed by SIEN INTERNET PRODUCTS LTD)

Product:
Air Privacy Shield

Description:
updater 2.7.4 © Air Privacy Shield, Inc, 2014

Version:
2.7.4

MD5:
aa089325b6340b7e73a87b5ac7bbecb8

SHA-1:
05f74dcfdd49364cbf648fabad43a45566c9afa3

SHA-256:
2eb05c3ec67ce01e8d2262993b61e45f77ae56de9c8347a81b1ade6c6ae0ef46

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
2/25/2025 5:22:54 AM UTC  (today)

Scan engine:
Reason Heuristics

Detection:
PUP.Sien.SIENINTERNETPRODUCTS (M)

Engine version:
15.10.21.10

File size:
426.9 KB (437,096 bytes)

Product version:
2.7.4

Copyright:
Copyright (C) 2015 Air Privacy Shield

Original file name:
updater.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\air privacy shield\air privacy shield 2.7.4\install\d129d91\updater.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
6/18/2015 4:38:06 AM

Valid to:
6/18/2016 4:38:06 AM

Subject:
CN=SIEN INTERNET PRODUCTS LTD, O=SIEN INTERNET PRODUCTS LTD, L=London, S=LONDON, C=GB

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112197E7BBA82299D8F1DCEDCE8898C6F8C6

File PE Metadata
Compilation timestamp:
9/15/2015 1:32:21 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:nJ7x2rS1mM3L/CVRRD2s2cNKnt9Vz2ilezzfV+foaRkL:nJAS1mM3WV/D2s2csnt9JnlezjYLRkL

Entry address:
0x12B32

Entry point:
E8, C0, 76, 00, 00, E9, 79, FE, FF, FF, 68, A0, 2B, 41, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 44, 60, 44, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 8B, 73, 08, 33, 35...
 

Entropy:
6.4824

Code size:
243 KB (248,832 bytes)
