CAUpdates.exe

CAUpdates

CyberAdmin

Publisher:
CyberAdmin

Product:
CAUpdates

Version:
5.0.0.5

MD5:
b87e17c39f997f0f863ff325935dfbe6

SHA-1:
784517015b20be964385c2174713919e2e715da3

SHA-256:
7b60859131db91dd0dcc08d21e02f2da03a1bc506bcf45b53729657cb2250034

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/19/2024 10:13:31 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | TR/Dropper.MSIL.Gen | 3.6.1.96 |
| Bkav FE | HW32.Packed | 1.3.0.6379 |
| IKARUS anti.virus | Trojan-Dropper | t3scan.1.8.6.0 |
| McAfee | Artemis!B87E17C39F99 | 5600.6674 |

File size:
388 KB (397,312 bytes)

Product version:
5.0.0.5

Copyright:
Copyright © CyberAdmin 2012

Trademarks:
CyberAdmin

Original file name:
CAUpdates.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\cyberadmin free 5\updates\caupdates.exe

File PE Metadata

Compilation timestamp:
2/29/2012 8:45:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:ChwydQoYmZb4tkv41QxDsTTD/XamJ01u9DLV/++8VROKtD36qYX:ADupmZkw42snXa5u9txaZDKq

Entry address:
0xB068

Entry point:
FF, 25, 58, B0, 40, 00, 00, 00, 5F, 43, 6F, 72, 45, 78, 65, 4D, 61, 69, 6E, 00, 6D, 73, 63, 6F, 72, 65, 65, 2E, 64, 6C, 6C, 00, 00, F3, 04, 00, 7B, 7A, 7D, 01, 00, CC, 06, 00, F0, F2, 04, 00, 00, CC, 06, 00, CC, BD, 09, 9C, 5C, 45, B5, 3F, 5E, 7D, 6F, F7, BD, BD, CD, 64, EE, F4, CC, ED, 59, 92, E9, 09, 61, 86, CB, 40, 42, 18, 20, F4, CC, 84, 64, 88, 80, 08, 88, 80, 88, 33, 01, 49, 00, 59, 32, 22, 37, AF, 07, 5C, 68, 1A, F0, 29, AE, 80, 46, 85, F7, 93, 17, 05, 82, 8A, CB, 73, 7B, 4F, 79, EE, F2, DC, 37, 14...

Code size:
372 KB (380,928 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to p3nw8shg529.shr.prod.phx3.secureserver.net  (45.40.165.33:80)

TCP (HTTP):
Connects to p3nw8shg337.shr.prod.phx3.secureserver.net  (184.168.27.39:80)
