» Updater.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)
Network (1)

Updater.exe

FriedCookie Updater

Fried Cookie Ltd

The Fried Cookie installer utilizes the InstallCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application Updater.exe by Fried Cookie has been detected as adware by 4 anti-malware scanners. The program is a setup application that uses the installCore installer. It runs as a scheduled task under the Windows Task Scheduler triggered daily at a specified time. This file is typically installed with the program Fried Cookie Updater by Fried Cookie Ltd which is a potentially unwanted software program.

File name:

Updater.exe

Publisher:

FriedCookie (signed by Fried Cookie Ltd)

Product:

FriedCookie Updater

Version:

1.0.0.0

MD5:

2fa6e4f7fd15961eb9775df4525677a7

SHA-1:

349ae2a9295a68cd2e51273d04391d42dcbbe56c

SHA-256:

67c4240985089d1173e31b6a4f8cc26f0100616edc606dc7476114f7ac2fcbdc

Scanner detections:

4 / 68

Status:

Adware

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

8/3/2025 1:10:05 AM UTC (today)

Scan engine

Detection

Engine version

Malwarebytes

PUP.Optional.Volaro.A

v2015.04.09.03

Qihoo 360 Security

Trojan.Generic

1.0.0.1015

Reason Heuristics

PUP.Optional.Task.FriedCookie.H

14.3.1.14

VIPRE Antivirus

Vonteera

23616

File size:

273.6 KB (280,128 bytes)

Product version:

1.0.0.0

Original file name:

Updater.exe

File type:

Executable application (Win32 EXE)

Bundler/Installer:

installCore

Language:

English (United States)

Common path:

C:\Program Files\fried cookie\updater\updater.exe

Digital Signature

Signed by:

Fried Cookie Ltd

Authority:

Thawte, Inc.

Valid from:

5/2/2012 9:00:00 PM

Valid to:

5/3/2014 8:59:59 PM

Subject:

CN=Fried Cookie Ltd, O=Fried Cookie Ltd, L=Tel Aviv, S=Israel, C=IL

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

3739B9B5702964D0DD4429F69D6595EC

File PE Metadata

Compilation timestamp:

6/3/2012 12:24:47 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

6144:CvpU2qDbBzsU8UQHeVaRLgEgmEOmPQoYkrsxBtF:o3U8fHeVaRsEgmEhPQo7oBtF

Entry address:

0x16408

Entry point:

E8, 74, 36, 00, 00, E9, 79, FE, FF, FF, 3B, 0D, B4, 4C, 43, 00, 75, 02, F3, C3, E9, F6, 36, 00, 00, 8B, FF, 55, 8B, EC, 56, 8B, 75, 14, 57, 33, FF, 3B, F7, 75, 04, 33, C0, EB, 65, 39, 7D, 08, 75, 1B, E8, D6, 17, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, 6E, 3C, 00, 00, 83, C4, 14, 8B, C6, EB, 45, 39, 7D, 10, 74, 16, 39, 75, 0C, 72, 11, 56, FF, 75, 10, FF, 75, 08, E8, B5, 37, 00, 00, 83, C4, 0C, EB, C1, FF, 75, 0C, 57, FF, 75, 08, E8, 14, 18, 00, 00, 83, C4, 0C, 39, 7D, 10, 74, B6, 39, 75, 0C, 73... 
[+]

Code size:

154 KB (157,696 bytes)

Scheduled Task

Task name:

Fried Cookie Update

Trigger:

Daily (Runs daily at 9:12)

The file Updater.exe has been discovered within the following program.

Fried Cookie Updater by Fried Cookie Ltd

Fried Cookie Updater is the software update program installed with all Fried Cookie apps that runs with Windows in the background and checks for updates, and automatically downloads and installs them if found based on the user's settings.

www.friedcookie.com

About 74% of users remove it

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):

Connects to ec2-23-21-48-126.compute-1.amazonaws.com (23.21.48.126:80)

Remove Updater.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.