» LiveUpdate.exe
Overview
Analysis
File Details

LiveUpdate.exe

LiveUpdate

Wuhan Jiduo Information Technology Co.,Ltd.

The application LiveUpdate.exe by Wuhan Jiduo Information Technology Co.,Ltd has been detected as a potentially unwanted program by 5 anti-malware scanners.

File name:

LiveUpdate.exe

Publisher:

Driver-Soft Inc. (signed by Wuhan Jiduo Information Technology Co.,Ltd.)

Product:

LiveUpdate

Version:

9.00.0176

MD5:

46b65ef47a06fd04405c90088f58b69c

SHA-1:

9d4eeaaa59b2d657e1693ca86e5000170ac8c776

SHA-256:

2ecd10bcd0d73e0e5eb702c6f4db7d194ac1fb0eee5c714130569f65b0f54045

Scanner detections:

5 / 68

Status:

Potentially unwanted

Analysis date:

12/31/2025 11:27:02 AM UTC (today)

Scan engine

Detection

Engine version

Boost by Reason

Optional.WuhanJiduoInformationTechnologyCoLtd.K

188838

Comodo Security

Heur.Suspicious

16550

Reason Heuristics

PUP.Optional.WuhanJiduoInformationTechnologyCoLtd.K

14.8.1.0

Rising Antivirus

Trojan.Win32.Generic.12CBB584

23.00.65.14128

Vba32 AntiVirus

Backdoor.Win32.Hupigon.jnxe

3.12.12.1

File size:

521.6 KB (534,096 bytes)

Product version:

9.00.0176

Original file name:

LiveUpdate.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\driver-soft\drivergenius\liveupdate.exe

Digital Signature

Signed by:

Wuhan Jiduo Information Technology Co.,Ltd.

Authority:

WoSign, Inc.

Valid from:

5/22/2008 3:00:00 AM

Valid to:

5/23/2010 2:59:59 AM

Subject:

CN=Driver-Soft.com, OU=Class 3 - for Microsoft Authenticode Signing, O="Wuhan Jiduo Information Technology Co.,Ltd.", L=Wuhan, S=Hubei, C=CN

Issuer:

CN=WoSign Code Signing Authority, O="WoSign, Inc.", C=US

Serial number:

79E59F0AC0FF47090A57C16B38B1BD

File PE Metadata

Compilation timestamp:

6/9/2009 9:59:47 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

12288:YZk73IgTGJTRbMhkwj8UiAm2ePYGqLtxsQe/iNG8WOLWGq:Yu73IgTATRbMhkS9ylPYbLtxsZKNAOL4

Entry address:

0x1000

Entry point:

68, 01, 80, 45, 00, E8, 01, 00, 00, 00, C3, C3, 8A, BC, D7, A5, 5F, 52, E7, AE, 9F, AC, 14, A6, 76, 73, 47, 90, 6D, 5C, 3C, 8A, A8, D6, 7D, 1D, 20, 1E, 26, 29, DD, 70, 6F, 84, 02, FF, 6F, EA, D4, 98, BE, 01, DE, E4, EF, 41, 17, A4, 71, E3, 2F, 54, FD, 33, 10, FD, AD, 0E, 78, 1B, 99, 13, 8A, E5, C7, A5, 5B, 5D, CE, 36, 54, E3, 43, EF, 2E, 98, C0, 1B, FE, 2E, 37, D2, A2, F8, F1, 62, 2A, 22, 36, 52, F0, AC, 1E, 9C, 60, 7B, 06, F6, AB, 9B, A0, BE, BD, E4, E7, 12, 66, 27, CB, B2, F8, 1A, 9B, 9C, 9B, 36, DE, FF... 
[+]

Entropy:

7.9077

Packer / compiler:

ASProtect v1.2x (New Strain)

Code size:

312 KB (319,488 bytes)

Remove LiveUpdate.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.