» update_setup.exe
Overview
Analysis
File Details
Programs (1)

update_setup.exe

Beijing AJ Technology Co., Ltd

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer.

File name:

update_setup.exe

Publisher:

Beijing AJ Technology Co., Ltd (signed and verified)

MD5:

6eaf5fc67a1b649990f2bed179a5f902

SHA-1:

06b375ebe6aa1f786124c7f5801277255581f6ee

SHA-256:

d2e2f3d5c7ae86da2a5573b1e6495dfbba1e194502f1cdaca9337921c53b02e1

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/24/2024 3:31:40 AM UTC (today)

Scan engine

Detection

Engine version

Comodo Security

Heur.Suspicious

16818

File size:

5.6 MB (5,828,312 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\update_setup.exe

Digital Signature

Signed by:

Beijing AJ Technology Co., Ltd

Authority:

Thawte, Inc.

Valid from:

1/24/2013 9:00:00 AM

Valid to:

3/26/2015 8:59:59 AM

Subject:

CN="Beijing AJ Technology Co., Ltd", OU=客户端软件部, O="Beijing AJ Technology Co., Ltd", L=Beijing, S=Beijing, C=CN

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

2A20779F7826CC673DD8C533775FEC4D

File PE Metadata

Compilation timestamp:

2/25/2012 4:19:59 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

98304:A/FbZaM/zzeswiX7ErJ1WqG80pypCpzGMk5EiPnl6um6f8OjqTeLZYOqUbkm+Kw8:AdbZameZ1WD7IpeEEiPn+kHO0ZYOmybt

Entry address:

0x39E3

Entry point:

81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 91, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, C0, 82, 40, 00, 6A, 08, A3, B8, 2E, 47, 00, E8, 37, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, D0, 2D, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 93, 40, 00, FF, 15, 84, 81, 40, 00, 68, 04, 93, 40, 00, 68, C0, AD, 46, 00, E8, 19, 27, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 30, 4C, 00, 57, E8, 07, 27, 00, 00... 
[+]

Entropy:

7.9985

Packer / compiler:

Nullsoft install system v2.x

Code size:

28 KB (28,672 bytes)

The file update_setup.exe has been discovered within the following programs.

Woopie Video DeskTop by woopiedesktop.com

Publisher's description - “Woopie Video DeskTop is, state-of-the-art desktop tool equipped with portal features video. It allows you to download or save the video of video sites around the world Veoh and YouTube, and Dailymotion, and enjoy the converted iPod and PSP, for mobile phones.”

www.woopiedesktop.com

About 8% of users remove it

Scan update_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.