home

update.exe

Polkomtel Sp. z o.o.

Publisher:
Polkomtel Sp. z o.o.  (signed and verified)

MD5:
c30a4893e95b9bdaa1e240ff0706ada3

SHA-1:
02eec1760f30b53c3d887bae42c7fc214a3574a5

SHA-256:
39960af62ed46962b50ac92949b75d858681b48cce904fef8ce80a2f8a9f4e10

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/23/2024 7:23:43 AM UTC  (today)

Scan engine
Detection
Engine version

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.26.3

File size:
666.4 KB (682,344 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\plus internet\update.exe

Digital Signature
Signed by:
Polkomtel Sp. z o.o.

Authority:
VeriSign, Inc.

Valid from:
5/17/2012 2:00:00 AM

Valid to:
5/25/2015 1:59:59 AM

Subject:
CN=Polkomtel Sp. z o.o., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Polkomtel Sp. z o.o., L=Warszawa, S=Mazowieckie, C=PL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5E468EE07DC1780B89D06E305F8A9695

File PE Metadata
Compilation timestamp:
4/9/2013 6:31:42 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
12288:wclK5C32X/ByXZ4U8okOlOw0Iqhf+j9rqmLP2ubg5gAcz:wclK5CAux/KIYa9rpLP2otz

Entry address:
0x50893

Entry point:
E8, F1, AB, 00, 00, E9, 40, FE, FF, FF, 8D, 44, 24, 10, 50, 6A, 00, FF, 74, 24, 14, FF, 74, 24, 14, FF, 74, 24, 14, E8, 5E, AD, 00, 00, 83, C4, 14, C3, 55, 8D, AC, 24, 10, FA, FF, FF, 81, EC, 6C, 06, 00, 00, A1, 24, FC, 49, 00, 33, C5, 89, 85, EC, 05, 00, 00, 8B, 85, FC, 05, 00, 00, 53, 56, 89, 45, 94, 57, 8B, BD, F8, 05, 00, 00, 8D, 45, 88, 33, DB, 50, 89, 7D, 8C, 89, 5D, 88, E8, 9C, 24, 00, 00, 83, 7D, 88, 01, 59, 0F, 85, 2D, 01, 00, 00, 3B, FB, BE, 1C, 02, 00, 00, 74, 78, 66, 39, 1F, 74, 73, 6A, FF, 57...
 
[+]

Code size:
500 KB (512,000 bytes)

Scan update.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.