Threat Database Adware Adware.OpenSUpdater.RA

Adware.OpenSUpdater.RA

By CagedTech in Adware

Threat Scorecard

Popularity Rank: 9,837
Threat Level: 20 % (Normal)
Infected Computers: 545
First Seen: September 22, 2023
Last Seen: April 16, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Adware.OpenSUpdater.RA
Signature status: Self Signed

Known Samples

MD5: d835a2a9dd03e4b23fe95fa04c606886
SHA1: 17f5afcc449d2d88bf068797f9e340ad72f0826a
File Size: 3.87 MB, 3873056 bytes
MD5: a82d2d763b433bcf89df04258f733108
SHA1: b7b5e0862b850f2035f0be4c2690b5d5aa5b08d5
File Size: 3.87 MB, 3873048 bytes
MD5: 80d98989984302945a029a0e7b081d0c
SHA1: c0b26aec09ccd2c6f1f1e910433f3046f10ed3ac
File Size: 3.87 MB, 3873096 bytes
MD5: 6fb39cb22fa18c392d95f4da112751c7
SHA1: a15597ed2920f4f934a6a4d7d5dfde2f2e9bfbd3
File Size: 4.97 MB, 4966704 bytes
MD5: e1b6c24e1950abf86ba38d61cca254c2
SHA1: 9816f9b68f8a2cb223ab34fbc7a478f0ce2ab8e5
File Size: 4.97 MB, 4966720 bytes
Show More
MD5: a8678bc9ee73e6efb4cf8ae8498ee891
SHA1: ae483a9370909bac5a257faa1cd9f5bab871db85
SHA256: C93C3E046AAD31A32ADDA97B5783B3F2DD1C847DEC7CB5D00F8B5550D8B9D105
File Size: 4.97 MB, 4966688 bytes
MD5: 6508e479bdd214cb875fb72f3c41cdf8
SHA1: 69c8061aaac5c10bdd200f22984ae44f9b7785c0
SHA256: 33FABD47842508AE1685BC967815259313B21B7638B8B93999433D1BA999FE37
File Size: 4.94 MB, 4941600 bytes
MD5: 19f6b399e6233e669e61fcf8c24e7114
SHA1: 3a9ccee69eb0d4e450a3a67e1307b8f4ff9a3ea8
SHA256: B0ABD6D0FC74529AD02F01CD229DE292E6DC2DD5A5319F60AEC2B9B5EEE3F8C9
File Size: 4.97 MB, 4966688 bytes
MD5: 72065257eab63dca86922066e5ed5806
SHA1: 5c9c20c0207c17d11755c5b09cc505d7866a480d
SHA256: AE77E7DB338D4E6DA82DB1F5B1C0EBCA4835A1480980B24EFF2C733927F62B67
File Size: 4.81 MB, 4805920 bytes
MD5: 7094cc0ac34c789c5e3415106f11abfe
SHA1: 3dc03d8fb9038dd3132a7d28d6591f28252db3d8
SHA256: 783696EBBE647D78E34338612F65EB1B977AEA15E1F629CDBBEFC3B8D1E13AB8
File Size: 4.97 MB, 4966688 bytes
MD5: 8ab24043b4f1ca9c1eec31fa78acb391
SHA1: 464ca1b3086927463d988ad773f86e1d78c59af1
SHA256: 1CE4B6C25F239F5132A3F65F726DD9E8240CF24C4089EA1CE18E48BE705E6A4A
File Size: 4.97 MB, 4966696 bytes
MD5: 0f5a068abcb35ad89cf80c88a528c26d
SHA1: a382677333e1a821d24748da7c25e325d7d9bac9
SHA256: C8E33F3487538C87152786BA19B7C4F132E9A772EB34624BCDB36EC0BA012527
File Size: 4.97 MB, 4966744 bytes
MD5: 8365c16e1bda446e18956ff6bdf68f0c
SHA1: 8c2105d9491c241b159891e80eb5fc633561bda3
SHA256: C16AC4B17259B427E9FC09EDA709075F7BB1C355DD76BA4E69F94158EFFD1230
File Size: 4.97 MB, 4966680 bytes
MD5: b47c014ed827741aeebcfefba341919d
SHA1: 3163c19e55f1897fa341f8e38bcf8affc01ffe6c
SHA256: F7AF0594DD79B86B933D94456119B4593A5DC09208DDC8994B19821F8041BA44
File Size: 4.97 MB, 4966664 bytes
MD5: 9d281a9eb24307d67e35d7ab5d194380
SHA1: f1b8007dc747cf1db930ba88ae8ca1bf238d1e60
SHA256: 5A62062A4D7E6FB0F3DF31FE27BB41071477CA540E14C271AA9AC7ED2F5513F1
File Size: 4.97 MB, 4966688 bytes
MD5: 317b85555eec77695c5e807f5923d9e0
SHA1: e30a1a55c37fb32c6f80f41138055bb906abe8b8
SHA256: F4CB6F1E3A99A17629CA53BF3D4298C0C9097E578170378AAA3D4E9EC6FA36A9
File Size: 3.87 MB, 3873080 bytes
MD5: 914b61e2c71cd8e771659f9a6e1de8e4
SHA1: 73b5ab4a16e4981631431afebd0b2255fbbfe869
SHA256: 1A7D3DA424C3ED150ACDC3942CB23CF3F0E300C09B89111A2E807FA085646485
File Size: 3.87 MB, 3873048 bytes
MD5: 1ba146320c0a48ba747ecd11f286ac36
SHA1: bbd883dfa96631f17400a1e464b45c4f17cdcd6c
SHA256: ABCBAC0C53B39216B4496A5CE238860ACD8BC6A26E31227658F1AC2F5212446B
File Size: 4.97 MB, 4966664 bytes
MD5: 58a6dbe3bf0b2d5c5c73ee5f2468bcbb
SHA1: 4fcecf000bd762ab5c1ae8852f91b008c684489e
SHA256: AB8828C7BC70F1E6E64B4ECF5FE7C186269EA66925E7BFCF548BEEEEEDC95E88
File Size: 3.87 MB, 3873048 bytes
MD5: 347940557e36dfd1f8b0635912cb784c
SHA1: e633a2d1627cba5c44395e8a4ac9e609616fd89e
SHA256: B57FF13DDB8F89F892F1F62BB118C648A0BD12DF185C4544AF26A35F67331620
File Size: 3.87 MB, 3873056 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name Value
Company Name NirSoft
File Description
  • UninstallView
  • UnlnstallView
File Version 1.51
Internal Name
  • UninstallView
  • UnlnstallView
Legal Copyright Copyright © 2017 - 2024 Nir Sofer
Original Filename
  • UninstallView.exe
  • UnlnstallView.exe
Product Name
  • UninstallView
  • UnlnstallView
Product Version 1.51

Digital Signatures

Signer Root Status
Ask Tent (downward) Against Self Signed
Get Hook Carpet Nasty Self Signed
Appal Stocking Check Judicial Self Signed
Flaw Try Count Ambulance Self Signed
Front Adorn Cucumber Shake Self Signed
Show More
Sow Cucumber Discuss Waste Self Signed
Shift Off Disorder Mark Self Signed
Turn Experience Expenditure Liaison Self Signed
Prompt Haste Factory Supply Self Signed
Summon Tear Feasible Listen Self Signed
Massacre Syringe Incur Commitment Self Signed
Wretched Shave Instance Superior Self Signed
Poor Turn Mental Cotton Self Signed
Savage Pivot Opaque State Self Signed
Appreciate Quarter Option Replicate Self Signed
Pull Layout Pedestrian Will Self Signed
Assign Bachelor Pound Wrestle Self Signed
Pass Temple Rely Absorb Self Signed
Grope Nurture Review Mainland Self Signed
Roll Put Sheet Thaw Self Signed

File Traits

  • big overlay
  • Installer Version
  • x86

Block Information

Total Blocks: 2,384
Potentially Malicious Blocks: 1,206
Whitelisted Blocks: 1,178
Unknown Blocks: 0

Visual Map

0 0 0 0 x x x x x 0 0 0 0 x 0 0 x 0 1 0 x x x 0 0 x 0 x x x x x x x x x x x x x x x x 0 0 0 0 0 1 1 1 1 1 1 1 x x x x 0 x x x 0 x 0 x 0 x 0 x 0 x 0 x x 0 0 0 0 x x x 0 x x x x 0 x x x 0 0 x x 0 x x x x x 0 x x x x x x x x x x 0 0 0 0 x 0 0 x 0 0 0 0 0 x x x 0 0 x 0 x x x x x 0 0 x 0 x x x 0 x x x x x 0 x x x x 0 x x x x x x x 0 x x x x x x x x x x x x 0 x x x x 0 0 0 0 x x x x 0 0 0 0 0 x x x 0 0 0 0 0 x 0 x 0 0 x 0 0 x 0 0 x x 0 0 0 0 x x 0 x 0 0 0 0 x x 0 x x x x x 0 x x x 0 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 x x x x x x x x x x x x x x x x x x x x x x x 0 0 x x x x x x x x x 0 0 0 x x x x 0 0 x x x x x x x x 0 x x x x x x x x x 0 x x 0 0 x x x x x 0 x 0 0 0 x x 0 x x 0 0 x x 0 0 0 x 0 0 0 x 0 x x x x x x x x x x x 0 0 0 x x 0 0 0 0 0 x x 0 0 0 0 0 0 0 x 0 x x x x x x x x x 0 0 0 x x x 0 0 x 0 x x x x x x x x x x x 0 0 0 0 0 x x x x x x x 0 0 x x x 0 0 0 0 x x 0 x x x x 0 0 0 0 0 0 x 0 0 0 x x x x x x x x x 0 x x x x x 0 x 0 x 0 0 0 x x x x 0 x x x x x x 0 x x x x x x 0 x x x 0 x x 0 0 0 x x 0 x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x 0 x x x x x x x x x x x 0 x x x x x 0 x 0 0 0 0 0 0 x x x 0 x x 0 x x 0 x 0 x x x x 0 x x 0 0 0 0 x x x 0 0 0 x 0 0 0 0 x 0 x 0 x 0 0 0 x 0 0 0 0 0 0 0 x 0 0 x x x 0 x 0 0 0 x x 0 x x x 0 0 0 0 0 x x x x 0 x x x x 0 0 x 0 0 0 x x 0 0 x x 0 0 x x 0 0 0 0 0 x x x 0 x x 0 0 0 x x 0 0 0 x 0 x x x x 0 0 x x 0 0 0 0 0 x x 0 0 x x x x x 0 0 0 x x x x x x x x x 0 0 0 0 0 x x x x x 0 x x 0 0 x x x x x 0 0 x x x x 0 0 0 x x 0 x x 0 0 x x x 0 0 0 0 0 0 x x x 0 0 x x x 0 0 x 0 x 0 x x x 0 0 0 0 0 0 x 0 0 0 0 0 0 0 x x x x 0 x 0 0 x x x x x x x x x x x x x x x x x x 0 x x x x x x x x 0 x x x x x x x x 0 x x x x x 0 x x x 0 x x x x 0 x x x x x x 0 x 0 x x x x x x 0 x 0 0 x 0 0 0 0 0 0 x x 0 x 0 x x 0 0 0 0 x x x 0 x x x x 0 0 x x x x x x x x x x x x x x x x x 0 x x x x 0 0 0 x 0 x x 0 x x x x 0 0 x x 0 0 0 x x x 0 x x x x x 0 x 0 x 0 x x x x 0 x 0 x 0 0 x 0 0 x 0 0 x x x x x x x x x 0 0 x 0 x x 0 0 0 x x 0 0 x x x 0 0 0 x x x x x 0 x x 0 0 x x x x x x x x x x x x x x x x 0 x 0 0 x x 0 0 x x x x 0 0 x x x 0 0 0 0 x 0 0 x x 0 0 x x x 0 x 0 0 x 0 0 0 0 0 x x x 0 0 x x x 0 0 x x x x x x 0 0 0 x x x x x 0 0 x x 0 x x x 0 x 0 0 0 x x x x 0 0 x x x x x x 0 0 0 x x x 0 0 0 x 0 x x x x x x 0 0 0 0 0 x 0 0 x x x 0 x 0 0 0 0 0 0 x x 0 x 0 x 0 x 0 x x 0 0 0 0 0 x 0 0 0 0 0 x x 0 x x x 0 0 x x x x x 0 x x 0 0 0 x x x x 0 x x x x x x 0 x 0 0 x 0 x x 0 0 x 0 0 0 x x x 0 0 x 0 0 x x x x x x x x 0 x 0 x x 0 x 0 0 0 x x x x 0 x x x 0 0 0 0 x x x x x 0 x 0 0 0 0 0 x x x x 0 0 0 0 x 0 x 0 x 0 x x x x x 0 x x x x 0 0 x 0 x 0 0 x x 0 x x x 0 x 0 x x x 0 x x x x x x x x x x 0 0 x x x 0 x 0 x 0 x 0 x x x x 0 x x 0 x x 0 x 0 x x x x x 0 x x x 0 x 0 x x x 0 0 x x x x x x 0 x 0 x 0 x x 0 x 0 x x x x x x x x x x x 0 0 0 x 0 0 x x 0 0 x 0 x x 0 x x 0 x x 0 x x x x 0 x x 0 x x x 0 x x x x x 0 x x x 0 x x x x x x x x x x x x x x x x 0 0 x 0 x 0 0 0 x 0 0 0 0 x x x x x x x x 0 0 0 x 0 x 0 x x x x 0 0 x x x x x x x x x x x x x x 0 x x x 0 x x x x x 0 0 x x 0 x x 0 0 x x 0 0 0 x 0 0 0 x 0 x x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 x x 0 0 x 0 0 x x x x 0 0 0 0 0 0 0 x x x x x x x x x x 0 x x x x x x x x x x x x x 0 0 x x 0 x x x 0 0 0 0 0 x x x x x x x x x 0 x x 0 x x 0 x x x x x x 0 0 0 0 x 0 0 0 x x x x 0 0 x x 0 x x 0 x x 0 x x 0 0 x x x x x 0 x x x x x x x 0 0 x x x x 0 x 0 x 0 x x x x 0 x 0 0 0 0 x x 0 0 0 0 0 x 0 0 x x x x x 0 x 0 0 0 x 0 x x x x x x x 0 x x x x x 0 x x x x x x x x x x x x 0 x x 0 x 0 0 x x x x x x x x x x x x x x x x x 0 x x x x x x x x 0 x x 0 x x x x x 0 x x x x x 0 0 0 0 x 0 0 x x x 0 0 x x x x 0 0 x x 0 x x x x x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x x x x x x x x x x x x 0 x 0 x 0 0 x 0 0 0 0 0 x 0 x 0 0 0 0 0 x 0 0 x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 x 0 0 x 0 0 x 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 x x x 0 0 0 0 0 x x x x 0 0 0 0 x x 0 0 x 0 0 x 0 0 0 0 0 0 0 1 1 0 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 1 0 0 0 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 1 1 0 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 1 0 0 1 1 0 1 0 0 1 0 0 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
... Data truncated
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • OpenSUpdater.RA

Files Modified

File Attributes
\device\namedpipe\gmdasllogger Generic Write,Read Attributes

Windows API Usage

Category API
Anti Debug
  • IsDebuggerPresent
User Data Access
  • GetUserObjectInformation

Trending

Most Viewed

Loading...