LiveUpdate.exe

LiveUpdate

Wuhan Jiduo Information Technology Co.,Ltd.

The application LiveUpdate.exe by Wuhan Jiduo Information Technology Co.,Ltd has been detected as a potentially unwanted program by 3 anti-malware scanners. This file is typically installed with the program Driver Genius Professional Edition by Driver-Soft Inc., which is a potentially unwanted software program.
Publisher:
Driver-Soft Inc.  (signed by Wuhan Jiduo Information Technology Co.,Ltd.)

Product:
LiveUpdate

Version:
9.00.0176

MD5:
e73787b09d8c3bfeeb58ebea6c54e5c0

SHA-1:
ca42234b113c67e5dbc30b0646436f817acec73e

SHA-256:
dc9c906f3c2567acc98d592fc3f08360210d6acd8b01b31eb0d1d860c1ff20d3

Scanner detections:
3 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 2:44:55 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Reason Heuristics | Win32.Generic.WuhanJiduoInformationTechnology.Meta | 15.9.1.17 |
| Rising Antivirus | Trojan.Win32.Generic.12CBB584 | 23.00.65.15830 |
| Vba32 AntiVirus | Backdoor.Win32.Hupigon.jnxe | 3.12.12.1 |

File size:
549.1 KB (562,256 bytes)

Product version:
9.00.0176

Copyright:
Copyright (C) 2002-2009 Driver-Soft Inc.

Original file name:
LiveUpdate.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\driver-soft\drivergenius\liveupdate.exe

Digital Signature
Authority:
WoSign, Inc.

Valid from:
5/22/2008 1:00:00 AM

Valid to:
5/23/2010 12:59:59 AM

Subject:
CN=Driver-Soft.com, OU=Class 3 - for Microsoft Authenticode Signing, O="Wuhan Jiduo Information Technology Co.,Ltd.", L=Wuhan, S=Hubei, C=CN

Issuer:
CN=WoSign Code Signing Authority, O="WoSign, Inc.", C=US

Serial number:
79E59F0AC0FF47090A57C16B38B1BD

File PE Metadata
Compilation timestamp:
6/15/2009 5:00:23 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:67GhH7UgMOCl1JTRbMhkwj8UiAm2ePYGqLhWWWFC6coGS6a0:67GhH5MLTRbMhkS9ylPYbLwWAz0

Entry address:
0x1000

Entry point:
68, 01, 80, 45, 00, E8, 01, 00, 00, 00, C3, C3, B2, 3D, 64, 26, 29, 8F, A4, 96, ED, 8F, EB, 24, C3, BD, E9, C9, 84, 71, AD, BC, 80, 17, 10, 74, D9, 05, 1B, 1B, 09, C0, F6, 7A, E2, F8, E4, C2, 0A, 56, 1A, 4E, A6, 90, 97, FE, 20, 59, 11, AD, 89, 73, E3, 13, 29, D6, 0D, AF, 3A, 2A, 2C, 5B, A2, 85, AF, 51, 2C, 56, 2D, 48, 08, 75, 49, 37, 83, 11, AF, 98, 87, 5E, 31, 0C, A4, DD, A5, A2, CC, 54, A6, E9, B2, 61, FF, E9, 81, 56, E2, 6C, 6A, 35, 3D, 25, C2, E1, 1F, F1, 54, B4, 3A, A8, E7, 3C, 09, 22, BA, A3, FB, 0E...
 

Entropy:
7.9141

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
312 KB (319,488 bytes)

The file LiveUpdate.exe has been discovered within the following program.

Driver Genius Professional Edition  by Driver-Soft Inc.
This is an application designed to check the computer's installed drivers against a database of available drivers for a number of software and device hardware applications.
www.driver-soft.com
65% remove it
 