home

DATAflor.UpdateManager.exe

DATAflor.UpdateManager

DATAflor AG

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘DATAflor Update-Manager’.
Publisher:
DATAflor AG  (signed and verified)

Product:
DATAflor.UpdateManager

Version:
3.2.0.3

MD5:
23a774dc6f564bcc6eb3406d4f11773e

SHA-1:
81c5ae6e30bb948d369d0bf02dae0f1e8759988d

SHA-256:
3f6cb98ffe3b92bae5cb8ac998e5ea408705e2d269bf0d8f0b59bd7811a57aba

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 6:12:19 AM UTC  (today)

File size:
626 KB (641,048 bytes)

Product version:
3.2.0.3

Copyright:
Copyright © DATAflor AG

Original file name:
DATAflor.UpdateManager.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\dataflor.updatemanager.exe

Digital Signature
Signed by:
DATAflor AG

Authority:
COMODO CA Limited

Valid from:
6/1/2012 2:00:00 AM

Valid to:
6/2/2014 1:59:59 AM

Subject:
CN=DATAflor AG, O=DATAflor AG, STREET=August-Spindler-Str. 20, L=Göttingen, S=Niedersachsen, PostalCode=37079, C=DE

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
652AB48E7E0D36F3FF288773349990DF

File PE Metadata
Compilation timestamp:
5/10/2013 9:39:37 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:3JusuaAdLCLRiJ8yknCQQPEFT9HtYcM+F1Ha9ed3UxPjCQPEFTNHtYcI+F1Ha9en:3Jus8chTZG+F1HiK30uTp2+F1Hia3F

Entry address:
0x69FEE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, E8, 00, 00, 80, 10, 00, 00, 00, 00, 01, 00, 80, 18, 00, 00, 00, 18, 01, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 15, 00, 02, 00, 00, 00, 30, 01, 00, 80, 03, 00, 00, 00, 48, 01, 00, 80, 04, 00, 00, 00, 60, 01, 00, 80, 05, 00, 00, 00, 78, 01, 00, 80, 06, 00, 00, 00, 90, 01, 00, 80, 07, 00, 00, 00, A8, 01...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
416 KB (425,984 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DATAflor Update-Manager

Command:
C:\Program Files\dataflor\update-manager\dataflor.updatemanager.exe \system


Scan DATAflor.UpdateManager.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.