home

ddsos.exe

Drive SOS

Disk Doctor Labs Inc

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘DD-DRIVESOS’.
Publisher:
Disk Doctor Labs, Inc.  (signed by Disk Doctor Labs Inc)

Product:
Drive SOS

Description:
ddsos.exe

Version:
1.0.0.13

MD5:
b9c9f43826b4abf93ed5c4b5e115ddc2

SHA-1:
32ab8870ea4387b04bc5f19e8e46c284785831e5

SHA-256:
26dc28f86e30691161306a00a07f3704f395157ebcc4406c8d679da2bf452a0c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 12:34:20 AM UTC  (today)

File size:
4.7 MB (4,977,592 bytes)

Product version:
1.0.0.13

Copyright:
Copyright © Disk Doctor Labs, Inc., All rights reserved.

Trademarks:
Copyright © Disk Doctor Labs, Inc., All rights reserved.

Original file name:
ddsos.exe

File type:
Executable application (Win32 EXE)

Language:
Arabic (Egypt)

Common path:
C:\Program Files\disk doctors drive manager\ddsos.exe

Digital Signature
Signed by:
Disk Doctor Labs Inc

Authority:
The USERTRUST Network

Valid from:
5/26/2009 2:00:00 AM

Valid to:
5/27/2011 1:59:59 AM

Subject:
CN=Disk Doctor Labs Inc, OU=Software Division, O=Disk Doctor Labs Inc, STREET=5555 Oakbrook Parkway, STREET=Suite 115, L=Norcross, S=GA, PostalCode=30093, C=US

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00EFB9A9EB217617D28D3F6A79C770FEE7

File PE Metadata
Compilation timestamp:
11/19/2009 1:55:30 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
83.82

CTPH (ssdeep):
49152:5wW3GmpOfT03SLFvmT6BvhWC/I5qtSeoB3Zg3qHvTnx9q+rxUkh4MrOghxXhDvhw:zpx34m2I58SeG9qPe4if3Dp8j

Entry address:
0xC1000

Entry point:
60, E8, 00, 00, 00, 00, 5D, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB...
 
[+]

Entropy:
7.4922

Packer / compiler:
ASPack v1.08.04

Code size:
448 KB (458,752 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DD-DRIVESOS

Command:
"C:\Program Files\disk doctors drive manager\ddsos.exe" " -hide"


Scan ddsos.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.