home

DFAutoUpdate.exe

DFAutoUpdate

DATAflor AG

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘DATAflor Update’.
Publisher:
DATAflor  (signed by DATAflor AG)

Product:
DFAutoUpdate

Version:
1.0.0.0

MD5:
9226cef4f7ad5a84fb4999150cb765ac

SHA-1:
8b2514aacabc18bd19ba37d7818e6d85bb89687c

SHA-256:
74f01b01ce84a92d48eef099bc577133ed5a52f9d9075f149a3254f94f43dede

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 9:23:07 PM UTC  (today)

File size:
51.8 KB (53,064 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © DATAflor 2011

Original file name:
DFAutoUpdate.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\dataflor\dataflor greenxpert\dfautoupdate.exe

Digital Signature
Signed by:
DATAflor AG

Authority:
The USERTRUST Network

Valid from:
5/29/2009 2:00:00 AM

Valid to:
5/29/2012 1:59:59 AM

Subject:
CN=DATAflor AG, O=DATAflor AG, STREET=August-Spindler-Str. 20, L=Göttingen, S=Niedersachsen, PostalCode=37079, C=DE

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00D59D850738C9A29C86BD4EDD1E0BC1EB

File PE Metadata
Compilation timestamp:
4/20/2011 1:34:28 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:YdGVdORv8b2pFKpPVV/AnQXSLaVHcwihBB4SDy5bI3zGJHvTLFr:3VdO6ypMHVeQC+VBi31y54G1vTZr

Entry address:
0x3D6E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.4256

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
7.5 KB (7,680 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DATAflor Update

Command:
C:\Program Files\dataflor\dataflor greenxpert\dfautoupdate.exe "greenxpert"


Scan DFAutoUpdate.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.