[andy_boot]

I think thats done to fool AV software. - AV software will probably flag up any string which equals "AdobeUpdate-Setup1.exe"

[svachalek]

All AV software is about that dumb as far as I know. Anyone who is depending on AV software to protect things like actual money is in serious trouble.

[andreasvc]

You can't really expect it to do much more in this case, you can make the computation which results in ".exe" arbitrarily complex, and detection needs to be cheap. Ultimately the problem is that AV software is in the business of enumerating badness. You need to do whitelisting, for example of who gets to execute arbitrary code, which is the problem here.