driver update.exe

The application driver update.exe has been detected as a potentially unwanted program by 6 anti-malware scanners. This is a setup program which is used to install the application. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from instante.upgraderjudge.eu.
MD5:
aeffd5d3d95ae4f3118160dbc01bd552

SHA-1:
6d60fa8ffd28ccd9ea9f8b7e890a3d68cc8fda83

SHA-256:
b334f66fb4bf2edc92bd23909e076d37cc79ac5b87d453ac530e50ed10fd79f9

Scanner detections:
6 / 68

Status:
Potentially unwanted

Analysis date:
5/15/2024 9:42:02 AM UTC

Scan engine | Detection | Engine version
avast! | Win32:Adware-CAH [PUP] | 160327-1
AVG | Adware BundleApp_r.D | 2015.0.4355
Emsisoft Anti-Malware | Application.Bundler.AirInstaller | 11.5.0.6191
Kaspersky | not-a-virus:AdWare.Win32.AirAdInstaller | 15.0.0.562
McAfee | Trojan.New Malware.bm | 18.0.204.0
Reason Heuristics | Adware.Generic.AT (M) | 16.4.7.1

File size:
849.6 KB (869,952 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\driver update.exe

File PE Metadata
Compilation timestamp:
4/9/2014 4:13:37 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:tDILtRX60Rx7xaYu6OnRr9nW3HzovUkKM1KfroZH1zWOW+t29Uhhnc3EzvMP:tDg6SxQHRpWXzPknKEZVzW44410P

Entry address:
0x26CFB0

Entry point:
00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 09, 04, 00, 00, 38, 09, 00, 00, 84, 8C, 27, 00, 2A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 09, 04, 00, 00, 60, 09, 00, 00, B4, 8C, 27, 00, 84, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 09, 04, 00, 00, 88, 09, 00, 00, 3C, 8E, 27, 00, E6, 04, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
7.8715  (probably packed)

Code size:
788 KB (806,912 bytes)

The file driver update.exe has been seen being distributed by the following URL.
