» softwareupdater.exe
Overview
Analysis
File Details
Downloads (355)

softwareupdater.exe

OSU

Traffic Space, LLC

The application softwareupdater.exe, “Open Software Updater” by Traffic Space has been detected as adware by 9 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from staysafedownloads.com and multiple other hosts.

File name:

softwareupdater.exe

Publisher:

InstallerTech Corp (signed by Traffic Space, LLC)

Product:

OSU

Description:

Open Software Updater

Version:

3.0.0.0

MD5:

d0b7d6542dbd1519d29a64f0aa65cf86

SHA-1:

792f7b2ebee78da003674ecd27e0894ab1cddc8e

SHA-256:

82e5d82c5f4ebd0f87be2d7dc40ccc4dbe165ced82e401f0f6f6923ca5fcc2e0

Scanner detections:

9 / 68

Status:

Adware

Analysis date:

12/18/2025 11:22:02 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

AVG

Generic

2016.0.2995

Baidu Antivirus

PUA.Win32.DownWare

4.0.3.1595

Bkav FE

W32.HfsAdware

1.3.0.6979

ESET NOD32

multiple threats

6.3.12010.0

McAfee

Artemis!D0B7D6542DBD

5600.6651

Qihoo 360 Security

HEUR/QVM42.1.Malware.Gen

1.0.0.1015

Reason Heuristics

PUP (M)

17.3.11.17

Rising Antivirus

NS:PUF.SilenceInstaller!1.9DDF[F1]

23.00.65.15903

VIPRE Antivirus

InstallerTech

43436

File size:

384.4 KB (393,592 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\softwareupdater.exe

Digital Signature

Signed by:

Traffic Space, LLC

Authority:

Symantec Corporation

Valid from:

3/16/2015 8:00:00 PM

Valid to:

4/15/2016 7:59:59 PM

Subject:

CN="Traffic Space, LLC", O="Traffic Space, LLC", L=Woodcliff Lake, S=New Jersey, C=US

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

6C4417841FFCEC12D6EFE825A6723A4E

File PE Metadata

Compilation timestamp:

12/5/2009 5:50:41 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

6144:mQqSzpk3Qa5gPArDkS5oKaCBEORtFJUETQJz/aT/3YT/6JBGu1P+Ys52r6S:tFfa5drDBLhXbTQJs/w/boP+Ys52r6S

Entry address:

0x30CB

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Entropy:

7.8629

Packer / compiler:

Nullsoft install system v2.x

Code size:

22.5 KB (23,040 bytes)

The file softwareupdater.exe has been seen being distributed by the following 50 URLs.

https://staysafedownloads.com/campaign/.../rdr.php

https://installthesoftware.com/campaign/.../rdr.php

https://speedyfiledownload.com/campaign/.../rdr.php