Updater.exe

CDPWeb Infrastructure

Columbia Data Products, Inc.

The application Updater.exe by Columbia Data Products has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Columbia Data Products, Inc.  (signed and verified)

Product:
CDPWeb Infrastructure

Description:
Updater

Version:
1.3.0 Build 685

MD5:
0af8d9d5e9b508ecb620aa8be45ca647

SHA-1:
50fe01a78c89aeef288fe6b90be439a5fe0a1b49

SHA-256:
df7a72c1d2c8ef7c34f56e3dc8d42f10ffd400a82e22a61a96c4c706d4f0b38f

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 4:47:02 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.SearchP.Malware360.H

Engine version:
14.10.9.23

File size:
650.5 KB (666,128 bytes)

Product version:
1.3.0 Build 685

Copyright:
Copyright (C) 2014

Original file name:
Updater.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\cdp\cdpweb\updater.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
3/24/2014 8:00:00 PM

Valid to:
4/24/2015 7:59:59 PM

Subject:
CN="Columbia Data Products, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Columbia Data Products, Inc.", L=Altamonte Springs, S=Florida, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5D7BD4CD4181A98E6CA821F0F5292143

File PE Metadata
Compilation timestamp:
10/2/2014 3:21:23 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:EuB+nq7eDvTj9wBH8fBOOcaeKSyAOJXgos3MMd:EuYnq7mDOOcrKXfXstd

Entry address:
0x3F5EA

Entry point:
E9, 71, 1E, 02, 00, E9, CC, 8B, 02, 00, E9, 47, C8, 00, 00, E9, 62, 58, 03, 00, E9, 0D, 71, 01, 00, E9, 58, 2B, 02, 00, E9, C3, 23, 06, 00, E9, CE, A4, 00, 00, E9, 05, 61, 07, 00, E9, C4, F7, 06, 00, E9, DF, C3, 00, 00, E9, DA, D2, 00, 00, E9, 35, D4, 03, 00, E9, 50, 10, 02, 00, E9, 1B, 61, 02, 00, E9, E6, A3, 00, 00, E9, 81, DF, 00, 00, E9, AC, 2A, 02, 00, E9, 97, 23, 01, 00, E9, 72, 33, 06, 00, E9, ED, 60, 07, 00, E9, 78, CF, 06, 00, E9, 33, 7C, 05, 00, E9, FE, 8B, 01, 00, E9, D9, 70, 01, 00, E9, F6, 5F...
 

Entropy:
5.6352

Developed / compiled with:
Microsoft Visual C++ 8.0 (Debug)

Code size:
512 KB (524,288 bytes)
