opera_autoupdate.exe
- File Path:
C:\program files\Opera\70.0.3728.133\opera_autoupdate.exe - Description: Opera auto-updater
Hashes
| Type | Hash |
|---|---|
| MD5 | 61DCF28553F694EA1F842B839863879E |
| SHA1 | 6617C6E24E3A2F54D8D5F24E44FF28349BDFD4ED |
| SHA256 | 10CC0863CA64D6799E59BD8740DD68159F152F82BD7D621B015AD97AB418C8DE |
| SHA384 | FD41F07F6A91A700C87A4AC7594551C777CDF4AAFC55FE708830834C5BA8E594AFD222CA31D8EDE3AF8D8B91385362B5 |
| SHA512 | 6F2E1F77D265AA7EC058E834F6125065D3A3DB058DDB426E168A1E71469C51EE15F3C5637CC8754EB7D6A3ED531A39C5E23D34DFDE92CC243846AB6CB83AFC1E |
| SSDEEP | 49152:7Y8Q7k8FLtL4bK42e0MV6uLh8yDGCd8+W4p+iMm4QxuqeLD3sFeQSqm5PxTLFVGf:9Q7k85e0ViTRpMDvtqYGKw |
Runtime Data
Child Processes:
opera_autoupdate.exe
Open Handles:
| Path | Type |
|---|---|
| (RW-) C:\Program Files\Opera\70.0.3728.133\icudtl.dat | File |
| (RW-) C:\Users\user\Documents | File |
| (RW-) C:\Users\user\Documents\opera_autoupdate.log | File |
| \BaseNamedObjects__ComCatalogCache__ | Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 | Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 | Section |
| \Sessions\1\BaseNamedObjects\windows_shell_global_counters | Section |
Loaded Modules:
| Path |
|---|
| C:\program files\Opera\70.0.3728.133\opera_autoupdate.exe |
| C:\Windows\System32\ADVAPI32.dll |
| C:\Windows\System32\combase.dll |
| C:\Windows\SYSTEM32\credui.dll |
| C:\Windows\System32\CRYPT32.dll |
| C:\Windows\SYSTEM32\CRYPTBASE.DLL |
| C:\Windows\SYSTEM32\dbgcore.DLL |
| C:\Windows\SYSTEM32\dbghelp.dll |
| C:\Windows\System32\GDI32.dll |
| C:\Windows\System32\gdi32full.dll |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\System32\msvcp_win.dll |
| C:\Windows\System32\msvcrt.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\ole32.dll |
| C:\Windows\System32\OLEAUT32.dll |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\sechost.dll |
| C:\Windows\System32\SHELL32.dll |
| C:\Windows\System32\SHLWAPI.dll |
| C:\Windows\System32\ucrtbase.dll |
| C:\Windows\System32\USER32.dll |
| C:\Windows\SYSTEM32\USERENV.dll |
| C:\Windows\SYSTEM32\VERSION.dll |
| C:\Windows\System32\win32u.dll |
| C:\Windows\SYSTEM32\WINHTTP.dll |
| C:\Windows\SYSTEM32\WINMM.dll |
| C:\Windows\System32\WINTRUST.dll |
| C:\Windows\System32\WS2_32.dll |
Signature
- Status: Signature verified.
- Serial:
05F4210DB2B283A32FF2AED29FCB68A4 - Thumbprint:
878B0B298671F44FC739C08D826BB22DB1A2A021 - Issuer: CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US
- Subject: CN=Opera Software AS, O=Opera Software AS, L=Oslo, C=NO, SERIALNUMBER=916 368 127, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=NO
File Metadata
- Original Filename:
- Product Name: Opera auto-updater
- Company Name: Opera Software
- File Version: 70.0.3728.133
- Product Version: 70.0.3728.133
- Language: English (United States)
- Legal Copyright: Copyright Opera Software 2020
Possible Misuse
The following table contains possible examples of opera_autoupdate.exe being misused. While opera_autoupdate.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.
| Source | Source File | Example | License |
|---|---|---|---|
| sigma | image_load_uipromptforcreds_dlls.yml | - Image\|endswith: '\opera_autoupdate.exe' |
DRL 1.0 |
| sigma | image_load_wmi_module_load.yml | - '\opera_autoupdate.exe' |
DRL 1.0 |
MIT License. Copyright (c) 2020-2021 Strontic.