CheckUpdate.exe

File Path: C:\Program Files (x86)\Glary Utilities 5\CheckUpdate.exe
Description: Glary Utilities CheckUpdate

Hashes

Type	Hash
MD5	`5D0D62731FF110F355D225E7B7DABE19`
SHA1	`DA64DD331BC60D12305552B9FC443552EA9F44A7`
SHA256	`6BC585A7170CC66A14D5D288FF4A3F466BD25A2859ADA018582272F2199DFC14`
SHA384	`2D2855A932345F107D6B16D55B30029A9FC0E6265B19694C06A076C4FBB627A52FC802940A8214D055219F07F965BDB5`
SHA512	`9E5419619FB1C967C49CB3562E0996C5C8F067A8E23AAA91AB449B13E72BCEA4714BA8227CA7CAE32306298D3D8748122284BB61CA4348158255B0FFC4AEE06A`
SSDEEP	`768:AagXKDOdccAUaTsiAzOBzzHYER3zzzyfzqhTzEsIXC7fm4lupOcGdMeKggxV1DGu:lgOOdcc6siAzOBzz4EhzzzyfzqhTzEsC`
IMP	`37CFC386A920FA6CC8B3F6CEF5720B5D`
PESHA1	`BFE3727C87458DCBB1118B3168641C522256C693`
PE256	`DEAFA087C92130B061A8EDC22D5DD19177DC0D2E5D04EC79541C32ECF381B6BC`

Runtime Data

Open Handles:

Path	Type
(R-D) C:\Windows\Fonts\StaticCache.dat	File
(R-D) C:\Windows\System32\en-US\mswsock.dll.mui	File
(R-D) C:\Windows\System32\en-US\propsys.dll.mui	File
(R-D) C:\Windows\SystemResources\imageres.dll.mun	File
(RW-) C:\Program Files (x86)\Glary Utilities 5	File
(RW-) C:\Windows	File
(RW-) C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.9625_none_508ef7e4bcbbe589	File
(RW-) C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627	File
(RW-) C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.508_none_429cdbca8a8ffa94	File
(RW-) C:\xCyclopedia	File
\BaseNamedObjects\F932B6C7-3A20-46A0-B8A0-8894AA421973	Section
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0	Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0	Section
\Sessions\1\BaseNamedObjects\UrlZonesSM_user	Section
\Sessions\1\BaseNamedObjects\windows_shell_global_counters	Section
\Sessions\1\BaseNamedObjects\windows_webcache_counters_{9B6AB5B3-91BC-4097-835C-EA2DEC95E9CC}_S-1-5-21-2047949552-857980807-821054962-504	Section
\Sessions\1\Windows\Theme2547664911	Section
\Windows\Theme3854699184	Section

Loaded Modules:

Path
C:\Program Files (x86)\Glary Utilities 5\CheckUpdate.exe
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\wow64.dll
C:\Windows\System32\wow64cpu.dll
C:\Windows\System32\wow64win.dll

Signature

Status: Signature verified.
Serial: 0F05AE21CDC17B9F3CF09D7BFC659BA3
Thumbprint: 362EBB303E088105BDCC07D94E6B7875D30C0D06
Issuer: CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US
Subject: CN=Glarysoft LTD, O=Glarysoft LTD, S=Beijing, C=CN

File Metadata

Original Filename: CheckUpdate.exe
Product Name: Glary Utilities
Company Name: Glarysoft Ltd
File Version: 5, 0, 0, 26
Product Version: 5.0.0.1
Language: Chinese (Simplified, China)
Legal Copyright: Copyright (c) 2003-2020 Glarysoft Ltd
Machine Type: 32-bit

File Scan

VirusTotal Detections: 0/68
VirusTotal Link: https://www.virustotal.com/gui/file/6bc585a7170cc66a14d5d288ff4a3f466bd25a2859ada018582272f2199dfc14/detection/

File Similarity (ssdeep match)

File	Score
C:\program files (x86)\Glary Utilities 5\CheckUpdate.exe	96
C:\Program Files (x86)\Glary Utilities 5\CheckUpdate.exe	94

Possible Misuse

The following table contains possible examples of CheckUpdate.exe being misused. While CheckUpdate.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source	Source File	Example	License
signature-base	apt_wilted_tulip.yar	$c1 = “svchost64.swp",checkUpdate” wide ascii	CC BY-NC 4.0
signature-base	apt_wilted_tulip.yar	$c2 = “svchost64.swp,checkUpdate” wide ascii	CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.