home

8duj27us.exe

ThinkPad BIOS Update Utility

Lenovo Group Limited

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from download.lenovo.com.
Publisher:
Lenovo Group Limited

Product:
ThinkPad BIOS Update Utility

Description:
For Lenovo Updates Catalog

Version:
1.42.1.24

MD5:
fa0c8669c6542f8b37a781209f07271d

SHA-1:
575c5b40d48031e4ed1b7b42e8f8fb02a673d753

SHA-256:
a87793984e1a1f8bdab8c2d3343ed2117bd720005293af7bd528c60234317376

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 12:04:24 AM UTC  (today)

File size:
5.8 MB (6,070,328 bytes)

Product version:
1.42.1.24

Copyright:
Copyright © Lenovo 2005 - 2016.

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\8duj27us.exe

File PE Metadata
Compilation timestamp:
6/20/1992 6:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:f9itqCu7IyXyfkMjixFodSbsVzSjTvL9UT60WtFKs6/mEd1Mv51pFTQTwDUfrNiA:ktxSyfpix6VzSjTTyCEsTE/Q55tDU47/

Entry address:
0x9C40

Entry point:
88, F0, 0F, BE, D5, 69, FA, 4E, F0, 66, 02, 71, 03, C6, C3, 92, 12, DF, 8A, DD, 2B, F2, 87, F7, 72, 05, 0F, AF, CE, 88, C1, 33, C7, FF, CB, 31, E9, 8A, EB, 89, F2, 51, 68, 39, B9, 18, 00, 72, 07, 04, F8, F6, C5, B9, 8B, EE, FE, CB, 81, F5, 02, 01, 2F, BF, 55, 68, D8, E0, E9, 00, B2, 87, C6, C3, C3, E8, 28, 00, 00, 00, 87, EA, 3A, FF, 89, CE, B8, CB, 3F, 4F, C6, 09, C8, F3, 85, C3, F7, C3, 2E, C4, AE, 96, 81, EF, 5C, F5, 00, 00, 69, DE, CD, F9, 2C, 8B, 81, C7, 1A, 03, 00, 00, 5E, 33, C9, 86, C4, 88, CB, 1A...
 
[+]

Entropy:
7.9984  (probably packed)

Code size:
37 KB (37,888 bytes)

The file 8duj27us.exe has been seen being distributed by the following URL.

https://download.lenovo.com/pccbbs/.../8duj27us.exe

Scan 8duj27us.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.