opera_autoupdate.exe

  • File Path: C:\Program Files\Opera\71.0.3770.171\opera_autoupdate.exe
  • Description: Opera auto-updater

Hashes

Type Hash
MD5 7B62A78C1E06BB7D0AA3E90B6FBF3D42
SHA1 012D5807B61F67423C05512AFDB549CDDDDE9523
SHA256 FC9DA355C5A97F03192F1CDF7673ED120F4CEAFCE6D73DAB8DADE8DC5B8C7F58
SHA384 048ACEC750F8E04E623F397A3FF2A057BA55AB5214722B16FDEFD64C61E5AA225EC3283F60161CDCC61B51F468043338
SHA512 1D8AFC0393E5635BB168833279A198C158DD2A528EB5271E4228F39F0DE2BA8424B02BB65946D4CECBBE956E01C8CA704BE8DBC1FE373B37A0B46521F817C683
SSDEEP 49152:Lq/sdbLXLWSYbzS0ZvJGhi+2oW4GjPC9q09oyFuEYtOXWlvybRnLwy+Tx/fbV:lbuX2XGKzVFZXnL6bV
IMP CC18B164E23A63D3A4EB95E97D0EEDFE
PESHA1 179090496D77CCCEBDE01A3A3C7B09597E0B4218
PE256 71B3BADDB9A473343CE73C3FF00CC04713CC7AF1615D6AC568EA08FD9684F6BF

Runtime Data

Child Processes:

opera_autoupdate.exe

Open Handles:

Path Type
(RW-) C:\Program Files\Opera\71.0.3770.171\icudtl.dat File
(RW-) C:\xCyclopedia File
(RW-) C:\xCyclopedia\opera_autoupdate.log File
\BaseNamedObjects__ComCatalogCache__ Section
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0 Section
\Sessions\1\BaseNamedObjects\windows_shell_global_counters Section

Loaded Modules:

Path
C:\Program Files\Opera\71.0.3770.171\opera_autoupdate.exe
C:\Windows\System32\ADVAPI32.dll
C:\Windows\System32\combase.dll
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcp_win.dll
C:\Windows\System32\msvcrt.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\OLEAUT32.dll
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\sechost.dll
C:\Windows\System32\ucrtbase.dll

Signature

  • Status: Signature verified.
  • Serial: 05F4210DB2B283A32FF2AED29FCB68A4
  • Thumbprint: 878B0B298671F44FC739C08D826BB22DB1A2A021
  • Issuer: CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US
  • Subject: CN=Opera Software AS, O=Opera Software AS, L=Oslo, C=NO, SERIALNUMBER=916 368 127, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=NO

File Metadata

  • Original Filename:
  • Product Name: Opera auto-updater
  • Company Name: Opera Software
  • File Version: 71.0.3770.171
  • Product Version: 71.0.3770.171
  • Language: English (United States)
  • Legal Copyright: Copyright Opera Software 2020
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/71
  • VirusTotal Link: https://www.virustotal.com/gui/file/fc9da355c5a97f03192f1cdf7673ed120f4ceafce6d73dab8dade8dc5b8c7f58/detection/

Possible Misuse

The following table contains possible examples of opera_autoupdate.exe being misused. While opera_autoupdate.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma image_load_uipromptforcreds_dlls.yml - Image\|endswith: '\opera_autoupdate.exe' DRL 1.0
sigma image_load_wmi_module_load.yml - '\opera_autoupdate.exe' DRL 1.0

MIT License. Copyright (c) 2020-2021 Strontic.