Updater.exe

IIItepSeLb

This is a setup program which is used to install the application. The file has been seen being downloaded from dota2tool.ru.
Publisher:
IIItepSeLb

Product:
IIItepSeLb

Description:
Updater

Version:
1.0.0.0

MD5:
d3e7ee2177928f26a48fd56152fda14e

SHA-1:
c6235aa38f6cbc456d95ae3843bbdecc9e4208ac

SHA-256:
05794192ba5e981ff922fda3868610f32c1a454bf391633c3a387de1aecc7515

Scanner detections:
16 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/1/2024 3:01:48 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Kazy.530859 | 408 |
| Agnitum Outpost | Trojan.Kazy | 7.1.1 |
| Bitdefender | Gen:Variant.Kazy.530859 | 1.0.20.1785 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.530859 | 8.15.12.23.11 |
| Fortinet FortiGate | Dx.D2M!tr | 12/23/2015 |
| F-Secure | Gen:Variant.Kazy.530859 | 11.2015-23-12_4 |
| G Data | Gen:Variant.Kazy.530859 | 15.12.25 |
| IKARUS anti.virus | Win32.SuspectCrc | t3scan.1.8.6.0 |
| McAfee | RDN/Generic.dx!d2m | 5600.6542 |
| MicroWorld eScan | Gen:Variant.Kazy.530859 | 16.0.0.1071 |
| Norman | Suspicious_Gen5.BBRUP | 11.20151223 |
| Panda Antivirus | Trj/CI.A | 15.12.23.11 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015 |
| Trend Micro House Call | TROJ_GEN.R04AC0EB215 | 7.2.357 |
| Trend Micro | TROJ_GEN.R04AC0EB215 | 10.465.23 |
| VIPRE Antivirus | Trojan.Win32.Generic | 38706 |

File size:
178.5 KB (182,784 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2014

Original file name:
Updater.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\updater.exe

File PE Metadata
Compilation timestamp:
1/15/2015 7:53:45 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:5PgSrhkkkkkkkpkfAWZA/c3S4J8wfYUPgSrhkkkkkkk:5P5kkkkkkkpk3EISu82xP5kkkkkkk

Entry address:
0x1D40E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
109.5 KB (112,128 bytes)

The file Updater.exe has been seen being distributed by the following URL.
