home

upd.EXE

upd

UNIMAKE SOLUCOES CORPORATIVAS LTDA - EPP

This is a setup program which is used to install the application. The file has been seen being downloaded from 74.222.1.252 and multiple other hosts.
Publisher:
Unimake Software  (signed by UNIMAKE SOLUCOES CORPORATIVAS LTDA - EPP)

Product:
upd

Description:
Atualizador UniDANFE e DANFE View

Version:
1.6.11.295

MD5:
1b2b05a33f6c90bbb020358bf12d2dc9

SHA-1:
7c00d6c06a24e32c89e74f2be3d058ed11f65b48

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/5/2024 2:13:34 PM UTC  (today)

File size:
4.6 MB (4,860,560 bytes)

Product version:
1.6.11.295

Copyright:
Copyright © Unimake Softwares

Trademarks:
Todos os direitos reservados

Original file name:
upd.EXE

File type:
Executable application (Win32 EXE)

Language:
Albanês

Digital Signature
Signed by:
UNIMAKE SOLUCOES CORPORATIVAS LTDA - EPP

Authority:
GlobalSign nv-sa

Valid from:
1/28/2016 11:30:49 AM

Valid to:
1/28/2017 11:30:49 AM

Subject:
CN=UNIMAKE SOLUCOES CORPORATIVAS LTDA - EPP, OU=TI, O=UNIMAKE SOLUCOES CORPORATIVAS LTDA - EPP, L=Paranavai, S=Parana, C=BR

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112180153F75CD180E0B299CEBC1A6759DB4

File PE Metadata
Compilation timestamp:
6/17/2016 7:53:56 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

CTPH (ssdeep):
24576:xL8oOzU98RVSEXRGNMdv/nJUfU5CRMyxVJp6LbH2rFuqDVw6G6/OXjI8qJTMQpXD:cOoRMur5CPxPHC6vYCTJX91nL5ND

Entry address:
0x90734

Entry point:
DB, E3, 31, C0, BB, 84, B0, 59, 00, 89, C1, E8, 30, 92, 09, 00, 09, C0, 74, 0A, B8, 70, A0, 54, 00, E8, A2, F8, 08, 00, E8, F5, 56, FA, FF, 90, 60, 89, C6, 89, DA, 8A, 06, 8A, 5E, 01, 8A, 4E, 02, E8, 86, 00, 00, 00, 88, 06, 88, 46, 01, 88, 46, 02, 61, C3, 51, 52, 83, F9, 64, 7E, 07, B9, 64, 00, 00, 00, EB, 0A, 83, F9, 00, 7D, 05, B9, 00, 00, 00, 00, BA, 64, 00, 00, 00, E8, 06, 00, 00, 00, 5A, 59, C3, 90, 90, 90, 83, EC, 04, 60, 89, C6, 89, CF, 89, 54, 24, 20, 52, 57, 0F, B6, 4E, 02, 0F, B6, 43, 02, 29, C1...
 
[+]

Code size:
1.6 MB (1,634,816 bytes)

The file upd.EXE has been seen being distributed by the following 2 URLs.

http://74.222.1.252/.../upd.exe

http://www.unimake.com.br/pub/.../upd.exe

Scan upd.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.