» updater.exe
Overview
Analysis
File Details

updater.exe

SIEN INTERNET PRODUCTS LTD

The application updater.exe, “updater 3.1.2 © Air Privacy Shield, Inc, 2014” by SIEN INTERNET PRODUCTS has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

updater.exe

Publisher:

Air Privacy Shield (signed by SIEN INTERNET PRODUCTS LTD)

Product:

Air Privacy Shield

Description:

updater 3.1.2 © Air Privacy Shield, Inc, 2014

Version:

3.1.2

MD5:

1ced63a75e586710ae2778a12a532ce4

SHA-1:

8389d335ceee60cc4259e0dd89a85b63b0a4df7c

SHA-256:

3358de7e5b52cf340cc6fe4dbae7aed18f25c7cc30148aea0f13eb2ae159be0e

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

11/5/2024 8:20:06 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Sien.SIENINTE (M)

16.3.25.8

File size:

424 KB (434,152 bytes)

Product version:

3.1.2

Original file name:

updater.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\roaming\air privacy shield\air privacy shield 3.1.2\install\a822b97\updater.exe

Digital Signature

Signed by:

SIEN INTERNET PRODUCTS LTD

Authority:

GlobalSign nv-sa

Valid from:

6/18/2015 7:38:06 AM

Valid to:

6/18/2016 7:38:06 AM

Subject:

CN=SIEN INTERNET PRODUCTS LTD, O=SIEN INTERNET PRODUCTS LTD, L=London, S=LONDON, C=GB

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

112197E7BBA82299D8F1DCEDCE8898C6F8C6

File PE Metadata

Compilation timestamp:

11/19/2015 7:20:45 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:50RQWv+BmSvgYfQRMcwjIpp3g49RLMa+4Tgc:50B+USXQyDwp3g49RLMatP

Entry address:

0x127C6

Entry point:

E8, 23, 63, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 78, 82, 44, 00, 89, 0D, 74, 82, 44, 00, 89, 15, 70, 82, 44, 00, 89, 1D, 6C, 82, 44, 00, 89, 35, 68, 82, 44, 00, 89, 3D, 64, 82, 44, 00, 66, 8C, 15, 90, 82, 44, 00, 66, 8C, 0D, 84, 82, 44, 00, 66, 8C, 1D, 60, 82, 44, 00, 66, 8C, 05, 5C, 82, 44, 00, 66, 8C, 25, 58, 82, 44, 00, 66, 8C, 2D, 54, 82, 44, 00, 9C, 8F, 05, 88, 82, 44, 00, 8B, 45, 00, A3, 7C, 82, 44, 00, 8B, 45, 04, A3, 80, 82, 44, 00, 8D, 45, 08, A3, 8C, 82, 44... 
[+]

Entropy:

6.4167

Code size:

240 KB (245,760 bytes)

Remove updater.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.