updfinalizer.exe

Update Finalizer for Rich Media Player

Radiocom CJSC

The application updfinalizer.exe by Radiocom CJSC has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Radiocom (signed by Radiocom CJSC)

Product:
Update Finalizer for Rich Media Player

Version:
1.0.0.1307

MD5:
cd0caf19d2c630ed7e477433e3c09f36

SHA-1:
29af3f1270226595906dd91f31ff1353f13bfc55

SHA-256:
80cdbd5077a5a4c61bcf7f1fc072467c61d6a84331e442e4aa1eb0da02a19bb5

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/25/2024 11:50:02 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
16.8.11.20

File size:
246.3 KB (252,184 bytes)

Product version:
2.4.2.0

Copyright:
Copyright (C) Radiocom

Original file name:
updfinalizer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\rich media player\updfinalizer.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/17/2014 7:00:00 AM

Valid to:
2/17/2015 6:59:59 AM

Subject:
CN=Radiocom CJSC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Radiocom CJSC, L=Kiev, S=Kiev, C=UA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
531E40729E737E46C1F9519C589E8681

File PE Metadata
Compilation timestamp:
7/30/2014 4:14:13 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:5aJ9cWoh6sCRYaX4Dn8kon/UUmovjOllYpuAKQMp:QHqCRxXM8ko/UzllYpQ

Entry address:
0x1AD1

Entry point:
B8, 08, B9, 47, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, BB, BF, 71, D1, ED, 9F, 39, D7, FF, B3, E1, 26, A9, 8A, 05, 3D, 7D, 11, 35, 67, 62, 7C, 24, AD, 96, DF, 3F, A6, 5A, 1C, 2C, 90, E4, 78, 49, 30, 78, 29, EA, 85, 47, C4, 98, D0, C2, 68, F0, FE, 82, AF, 8D, 7C, E6, F4, C9, E7, 89, 40, 03, D2, FA, 1D, 15, 87, 42, E0, FD, 62, 43, 7D, 91, 79, F2, 88, B7, 7F, 7F, F5, 48, F4, E2, BF, FC, B3, C9, 3E, 48, E9, FF, AF, 0D, AC, 9B...

Entropy:
5.8431

Packer / compiler:
PECompact v2

Code size:
27 KB (27,648 bytes)
