updater.exe

Softoware LLC

The application updater.exe, “updater 2.6.5 © Privacy Essential, Inc, 2014” by Softoware, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. This file is typically installed with the program Privacy Essential, which is a potentially unwanted software program.
Publisher:
Privacy Essential  (signed by Softoware LLC)

Product:
Privacy Essential

Description:
updater 2.6.5 © Privacy Essential, Inc, 2014

Version:
2.6.5

MD5:
8f73f8dda4d4df6f7f4a199443f99c11

SHA-1:
d9652f4248aaf7f0afe6c7b35835e70d79895116

SHA-256:
83f309619f25e04ab9465b590e8b0e6be5dd5fa8275099f50b987cbab0993dee

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/27/2024 5:55:58 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Softoware (M)

Engine version:
15.7.5.4

File size:
422.4 KB (432,552 bytes)

Product version:
2.6.5

Copyright:
Copyright (C) 2015 Privacy Essential

Original file name:
updater.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\privacy essential\privacy essential 2.6.5\install\f2f1455\updater.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/7/2014 8:00:00 PM

Valid to:
5/8/2015 7:59:59 PM

Subject:
CN=Softoware LLC, O=Softoware LLC, STREET="1225 Franklin Avenue, Suite 325", L=Garden City, S=New York, PostalCode=11530, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F5129FB072A6BEE47D9FF965F7857074

File PE Metadata
Compilation timestamp:
10/7/2014 11:01:18 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:qGDVPVmyTCYbbLe+Bz1iE1/M7xbQE9VP/qBDx4Qygrh82Hvd:qGCyTCYbbfB1iEm7xME95q4ON

Entry address:
0x10F92

Entry point:
E8, EE, 75, 00, 00, E9, 79, FE, FF, FF, 68, 00, 10, 41, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 44, 10, 44, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 8B, 73, 08, 33, 35...
 

Entropy:
6.2521

Code size:
227.5 KB (232,960 bytes)

The file updater.exe has been discovered within the following program.

Privacy Essential  by Privacy Essential
This is an ad-injector type of malware that is typically bundled with unwanted software offers for legitimate software. Once installed, it is deceptive and difficult to remove, and it impacts the security of the user's computer by displaying intrusive advertisements in the web browser that promote and trick users into installing other unwanted adware or malware.
83% remove it
 
Powered by Should I Remove It?
