» updatetitle.exe
Overview
Analysis
File Details
Downloads (4)

updatetitle.exe

Microsoft Games for Windows - LIVE

Microsoft Corporation

File name:

updatetitle.exe

Publisher:

Microsoft Corporation (signed and verified)

Product:

Microsoft® Games for Windows® - LIVE

Description:

Microsoft Games for Windows - LIVE Title Update Setup

Version:

3.2.0006.0 (WGX_SDK_MAR10_RTM.100318-2246)

MD5:

5ebcdf4c35baf472f7febd8a5b22078b

SHA-1:

d58b19d21c4d705bfc651ade5c82ee49ab9d776e

SHA-256:

8fe36a8c0e9f19cecbed474d500f0c6b3fbefd83e8b5dab8e034bda6f9980253

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:

12/26/2024 6:54:41 AM UTC (today)

File size:

77.8 KB (79,648 bytes)

Product version:

3.2.0006.0

Original file name:

TitleUpdateSetup.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\updatetitle.exe

Digital Signature

Signed by:

Microsoft Corporation

Authority:

Microsoft Corporation

Valid from:

7/14/2009 7:00:18 AM

Valid to:

10/14/2010 7:10:18 AM

Subject:

CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:

CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:

6105F71E000000000032

File PE Metadata

Compilation timestamp:

3/19/2010 1:54:55 PM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

1536:nnnv9cfI1gALLea0hHRRcZ2ZPRHXYzJx5UC9y8YD:nv9QIyALLiz62r6x5vQ82

Entry address:

0x58BC

Entry point:

E8, 60, 1B, 00, 00, E9, 74, FE, FF, FF, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 8B, 45, 08, 8B, D0, 66, 8B, 08, 40, 40, 66, 85, C9, 75, F6, 66, 8B, 4D, 0C, 48, 48, 3B, C2, 74, 05, 66, 39, 08, 75, F5, 66, 39, 08, 74, 02, 33, C0, 5D, C3, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 8B, 45, 08, 53, 8B, 5D, 0C, 66, 83, 3B, 00, 57, 8B, F8, 74, 44, 0F, B7, 08, 66, 85, C9, 74, 3A, 0F, B7, D1, 2B, C3, 8B, 4D, 0C, 66, 85, D2, 74, 1B, 0F, B7, 11, 66, 85, D2, 74, 2B, 0F, B7, 1C, 08, 0F, B7, D2, 2B, DA, 75, 08, 41, 41, 66... 
[+]

Entropy:

6.3874

Code size:

58.5 KB (59,904 bytes)

The file updatetitle.exe has been seen being distributed by the following 4 URLs.

https://mega.co.nz/temporary/.../BQpXXa6K

https://downloader.disk.yandex.com.tr/disk/ac482ca3c3f7810942f75afe649be57334120c8d444e2c3a8eebedb3c5bf3164/57e315a4/gttNFhutuqCDYJQ2VdejzcWx4YsK7zopEKa82Ab9rBjo-WHtKeb4ypSHDoYfFwUzOJmjlhuekiGi2a-2ZB82tg==?uid=0&filename=UpdateTitle.exe&disposition=attachment&hash=5UCrk/1osxTq xk3cuhvc9e78UAsoRUsMPtdWye40Fk=:/1.0.7.0 Patch/.../x-msdownload&fsize=79648&hid=92208283fce92773e93306a96573ca2c&media_type=executable&tknv=v2

temp:UpdateTitle.exe

http://s10159.chomikuj.pl/File.aspx?e=XYOsQdy2X7F6wIIHuEJfRRSQRKNRBzvPhcn3Zf7RBbyXNjDAJntctVcHER1dkOVCLj5Io4vK5KX4QlwRXRX51xIe89e2csJ6y99KmBSYaY5WqoB64nKJFe45s4B5iwpdpm-b8YyaN7uelG6q0bUaIg&pv=2

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.