Liveupdate.exe

LiveUpdate Bazarian

NasleJavan

Scan Liveupdate.exe - Powered by Reason Core Security
Publisher:
NasleJavan

Product:
LiveUpdate Bazarian

Version:
88.00.0001

MD5:
f972117dea19144f467dee16b4186dfa

SHA-1:
e9a4b85796163c097274ae888c0f233c464dc271

SHA-256:
13ce743ae41207919b1afa6c1044265e003e67398b614cfb209fbbf1f4f03fea

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
12/5/2016 1:31:54 AM UTC  (today)

Scan engine
Detection
Engine version

Jiangmin
TrojanSpy.VBChuchelo.ao
KV140610

Vba32 AntiVirus
suspected of Trojan-Downloader.VB.28
3.12.12.0

File size:
116 KB (118,784 bytes)

Product version:
88.00.0001

Original file name:
Liveupdate.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\bazarian accounting\liveupdate.exe

File PE Metadata
Compilation timestamp:
4/16/2009 3:20:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:xGoIC42b6gnwjgzOxzwMwIurC42b6gnwDkpHukkWEMggz4XPPrlKhc:xGoq+6Kw0zeKVf+6KwDklCMggz4H/

Entry address:
0x1A08

Entry point:
68, 10, 70, 40, 00, E8, EE, FF, FF, FF, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 17, 71, F0, A7, DA, 84, 47, 4D, B5, 8C, 88, 9E, 9C, 63, 10, 0D, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 31, 36, 0D, 0A, 20, 20, 4C, 69, 76, 65, 55, 70, 64, 61, 74, 65, 00, 6E, 50, 72, 6F, 70, 00, 72, 74, 79, 20, 49, 6D, 61, 00, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 01, 00, 00, 00, E6, A4, 0A, 4A, 51, 79, 2A, 4B, B4, 44, 44, D2, 11, B1, 95, FA, 01, 00, 00, 00, A0, 00, 00, 00...
 
[+]

Entropy:
6.3244

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
104 KB (106,496 bytes)

Scan Liveupdate.exe - Powered by Reason Core Security