home

AutoUpdate.EXE

Amadeus Automatic Update

Amadeus

Publisher:
Amadeus  (signed and verified)

Product:
Amadeus Automatic Update

Description:
Automatic Update Service

Version:
3, 3, 300, 1

MD5:
ff5785c567bae2951a4d821ac2593d77

SHA-1:
572eb6aa4dbfc4c8092ce76e7781c0ef21d37606

SHA-256:
bc37d193cdecfd9c1f380d7fd579749514358e9413def90c5543a7eec6b696ac

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/26/2024 2:24:53 PM UTC  (today)

Scan engine
Detection
Engine version

Prevx
Heuristic: Suspicious Self Modifying File
3.0.2

Vba32 AntiVirus
suspected of Win32.BrokenEmbeddedSignature
16.02.03

File size:
205.4 KB (210,344 bytes)

Product version:
3, 3, 300, 1

Copyright:
Copyright 2001

Original file name:
AutoUpdate.EXE

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\automatic update\autoupdate.exe

Digital Signature
Signed by:
Amadeus

Authority:
Amadeus

Valid from:
9/1/2003 8:26:11 PM

Valid to:
9/1/2018 8:36:11 PM

Subject:
CN=amadeus sign in certificate, OU=Amadeus Data Processing, O=Amadeus, L=Erding, S=Bayern, C=DE, E=orouviere@amadeus.net

Issuer:
CN=Amadeus Root CA, OU=Amadeus Data Processing, O=Amadeus, L=Erding, S=Bayern, C=DE, E=amadeus@amadeus.net

Serial number:
6113B55900000000001C

File PE Metadata
Compilation timestamp:
5/21/2010 4:16:22 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:l+Kq9T2z3o/q4ONtDLbm06S5WuGgV9CW08ohge51nhgnUecDOVr8cqe:oKq9T2z3o/rONtXbJ6S5WuGgyW08ohgn

Entry address:
0x16AA4

Entry point:
48, 83, EC, 28, E8, C7, 03, 00, 00, 48, 83, C4, 28, E9, FE, FC, FF, FF, CC, CC, 48, 8B, C4, 48, 89, 58, 08, 48, 89, 68, 10, 48, 89, 70, 18, 48, 89, 78, 20, 41, 54, 48, 83, EC, 20, 4D, 8B, 51, 38, 48, 8B, F2, 4D, 8B, E0, 41, 8B, 02, 48, 8B, E9, 49, 8B, D1, 48, 03, C0, 48, 8B, CE, 49, 8B, F9, 49, 8D, 5C, C2, 04, 4C, 8B, C3, E8, C6, F9, FF, FF, 44, 8B, 1B, 44, 8B, 55, 04, 41, 8B, C3, 41, 83, E3, 02, BA, 01, 00, 00, 00, 23, C2, 41, 80, E2, 66, 44, 0F, 44, D8, 45, 85, DB, 74, 13, 4C, 8B, CF, 4D, 8B, C4, 48, 8B...
 
[+]

Entropy:
5.9618

Code size:
108.5 KB (111,104 bytes)

User Start Menu Item
Name:
AutoUpdate.exe


Scan AutoUpdate.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.