home

AutoUpdaterShell.exe

@Обновление

Iteamma Development Team

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Iteamma AutoUpdaterShell’.
Publisher:
Iteamma Development Team  (signed and verified)

Product:
@Обновление

Version:
8,9,0,0

MD5:
104580df99c8ef016fca5aae58acf7f8

SHA-1:
804247adaf910ba6e0ceffb81e367746473acd53

SHA-256:
9f2d30f8afbc715421052cb80731cc1ee0a423f253dc6b05e6dcbcfe3f1929ba

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 1:18:00 AM UTC  (today)

File size:
175.2 KB (179,368 bytes)

Product version:
8,9,0,0

Copyright:
Copyright © Iteamma Development Team 2007-2010

Original file name:
AutoUpdaterShell.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\iteamma\autoupdater\autoupdatershell.exe

Digital Signature
Signed by:
Iteamma Development Team

Authority:
COMODO CA Limited

Valid from:
4/9/2012 3:00:00 AM

Valid to:
4/10/2015 2:59:59 AM

Subject:
CN=Iteamma Development Team, O=Iteamma Development Team, STREET=27/29 B. Predtechenski per., L=Moscow, S=Moscow City, PostalCode=123022, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F01B293D0DD690E281CE8D4080D79949

File PE Metadata
Compilation timestamp:
4/12/2013 11:42:44 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:2QfUh7wPfBc2yYzVYJZhwphPtdghXqTyIJlmh/q3VZukYcgO3BHSfqg:2QfUhMP/zV0wqnWusgO3BHSfq

Entry address:
0x14066

Entry point:
E8, B8, 05, 00, 00, E9, 37, FD, FF, FF, 3B, 0D, D8, 64, 42, 00, 75, 02, F3, C3, E9, 3A, 06, 00, 00, 8B, FF, 55, 8B, EC, F6, 45, 08, 02, 57, 8B, F9, 74, 25, 56, 68, F0, 47, 41, 00, 8D, 77, FC, FF, 36, 6A, 0C, 57, E8, 45, 01, 00, 00, F6, 45, 08, 01, 74, 07, 56, E8, DE, F5, FF, FF, 59, 8B, C6, 5E, EB, 14, E8, 39, 07, 00, 00, F6, 45, 08, 01, 74, 07, 57, E8, C7, F5, FF, FF, 59, 8B, C7, 5F, 5D, C2, 04, 00, 6A, 14, 68, 08, 08, 42, 00, E8, C5, 04, 00, 00, FF, 35, C4, 77, 42, 00, 8B, 35, 6C, 83, 41, 00, FF, D6, 59...
 
[+]

Code size:
91.5 KB (93,696 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Iteamma AutoUpdaterShell

Command:
"C:\Program Files\iteamma\autoupdater\autoupdatershell.exe" -w


Scan AutoUpdaterShell.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.