» updater.exe
Overview
Analysis
File Details
Programs (1)

updater.exe

Super Backup Online Backup

Strongvault Online Storage LLC

The application updater.exe, “updater 2.5.0.7 © Stronghold.com, Inc, 2013” by Strongvault Online Storage has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Super Backup Online Backup by Stronghold.com, LLC.

File name:

updater.exe

Publisher:

Stronghold.com (signed by Strongvault Online Storage LLC)

Product:

Super Backup Online Backup

Description:

updater 2.5.0.7 © Stronghold.com, Inc, 2013

Version:

2.5.0.7

MD5:

cde2d95e072aa0b0f64341fa8705352c

SHA-1:

e71d527b9033da582a8b70ffb3b62b79e33e1575

SHA-256:

dbc73dbc70256d0abc68477ecb4fd3d8ba8d22e30912c60303836ebabc6412a1

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/20/2024 1:32:27 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Win32.Generic

16.5.22.10

File size:

645.4 KB (660,864 bytes)

Product version:

2.5.0.7

Original file name:

updater.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\super backup online backup\updater.exe

Digital Signature

Signed by:

Strongvault Online Storage LLC

Authority:

VeriSign, Inc.

Valid from:

2/12/2013 6:00:00 PM

Valid to:

2/13/2014 5:59:59 PM

Subject:

CN=Strongvault Online Storage LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Strongvault Online Storage LLC, L=newport beach, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

48A7245B07D6ADFDDD6F3FAC024F13AF

File PE Metadata

Compilation timestamp:

11/29/2012 2:51:03 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12288:N8QZpwrEZyIhMbiZuHAjIUUyreE0G0Kzq24j81:CQMEDheguHmIUUyreE0j8v4jm

Entry address:

0x106AB

Entry point:

E8, C8, 71, 00, 00, E9, 79, FE, FF, FF, CC, CC, CC, 68, 20, 07, 41, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 44, D0, 43, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D... 
[+]

Entropy:

5.9247

Code size:

212 KB (217,088 bytes)

The file updater.exe has been discovered within the following program.

Super Backup Online Backup by Stronghold.com, LLC

Publisher's description - “Super Backup makes backup easy with intelligent system scans that locate and secure your important files, even if they are buried deep in your system. With Super Backup, you never need to fuss with complicated setup screens.”

stronghold.com

58% remove it

Remove updater.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.