updater.exe

It runs as a scheduled task named runTask under the Windows Task Scheduler, triggered by a time event. The file has been seen being downloaded from staticrr.getmixvideo.com.

MD5:
aca06fe1933b59a624ebbb91daed66f0

SHA-1:
4e04b795631c9265b9931c13295415f8af5077e4

SHA-256:
27afbd3c7094b32dddf580417d966f2557707b935b42e1b18596e21180b6ec8b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 2:57:55 PM UTC

File size:
334 Bytes

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\temp\updater.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
6:qzmSOvDn7jAs9QO0xg5LErGI1MIM4mGvmQaSRcUYMWXz:kDuD7jD9QBxBGpIM4mPQaYc/MWj

Entry point:
3C, 68, 74, 6D, 6C, 3E, 3C, 62, 6F, 64, 79, 3E, 3C, 62, 3E, 54, 68, 65, 20, 70, 61, 67, 65, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 64, 69, 73, 70, 6C, 61, 79, 65, 64, 20, 62, 65, 63, 61, 75, 73, 65, 20, 61, 6E, 20, 69, 6E, 74, 65, 72, 6E, 61, 6C, 20, 73, 65, 72, 76, 65, 72, 20, 65, 72, 72, 6F, 72, 20, 68, 61, 73, 20, 6F, 63, 63, 75, 72, 72, 65, 64, 2E, 3C, 2F, 62, 3E, 3C, 73, 63, 72, 69, 70, 74, 3E, 76, 61, 72, 20, 67, 6C, 6F, 62, 61, 6C, 20, 3D, 20, 5B, 22, 70, 4A, 4E, 79, 6B, 75, 4D, 6B, 42, 76, 69...
 

Entropy:
5.1612

Scheduled Task
Task name:
runTask

Trigger:
Time


The file updater.exe has been seen being distributed by the following URL.
