home

driveman.exe

alexnolan.net

Publisher:
alexnolan.net

Version:
4.16.0.0

MD5:
a48d8e0a98484bde650d2f763fde5b0a

SHA-1:
266e3fc8e570444f713d10d3270f0344bfb50a7a

SHA-256:
4378e7eeb527e5c13244e8995214ce7367eea26d657e56bf50ae68615fbed836

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 2:05:26 PM UTC  (today)

File size:
1.2 MB (1,269,248 bytes)

Product version:
2.12

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:mCbt1FOqQaShlVgchj4qbSUP9+J+wLWh:m0Z4HVPdLPOtk

Entry address:
0xC9F7C

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, C4, 9B, 4C, 00, E8, 5F, CB, F3, FF, 8B, 1D, 70, D2, 4C, 00, 8B, 03, E8, 12, D1, FB, FF, 8B, 0D, A0, D3, 4C, 00, 8B, 03, 8B, 15, 48, 4A, 4C, 00, E8, 17, D1, FB, FF, 8B, 0D, 54, D0, 4C, 00, 8B, 03, 8B, 15, 00, 8E, 4B, 00, E8, 04, D1, FB, FF, 8B, 0D, A4, D0, 4C, 00, 8B, 03, 8B, 15, 5C, 93, 4B, 00, E8, F1, D0, FB, FF, 8B, 0D, 98, D1, 4C, 00, 8B, 03, 8B, 15, 58, 96, 4B, 00, E8, DE, D0, FB, FF, 8B, 0D, 08, D3, 4C, 00, 8B, 03, 8B, 15, 58, 94, 4C, 00, E8, CB, D0, FB, FF, 8B, 0D, 98...
 
[+]

Entropy:
6.5054

Developed / compiled with:
Microsoft Visual C++

Code size:
804.5 KB (823,808 bytes)

The file driveman.exe has been seen being distributed by the following 6 URLs.

http://files.downloadnow.com/s/software/12/62/21/.../DriveMan.exe

http://gsf-cf.softonic.com/266/e3f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=36356&instance=softonic_br&type=PROGRAM&Expires=1469371215&Signature=Vf21fF2DYGARu7af6bhk7drnpK-DZNykKJsNmPXUMLuyVUiFKP0r77DAPu8-ZkfzcRBzCGs797U8szZ5UUr9GwMVfa-K7ZA15Xp6D-aerbwGcys~qfAU8K499BOkltsnhoHxo3zvpM8g4E215z1zBm172ATt-MGKYaUrFuQ3YeI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=DriveMan.exe

http://gsf-cf.softonic.com/266/e3f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=36356&instance=softonic_br&type=PROGRAM&Expires=1453021845&Signature=RDl9mJMTq6SmnzqlNYcYs0fITJ5g08bxSnZg2lXhoSYVddO1UWDVXi3et7tUKV2W-m4PXJIBgFA7LrObHZVUa2CNCSeDmgVmD6k2zIVUrmb8-RgycU7lG7NINSvgMc-oDsoLgm9j8W59aGO4uIRJGcxOsiqQJbcwr0rnuw4NihU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=DriveMan.exe

http://gsf-cf.softonic.com/266/e3f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=36356&instance=softonic_es&type=PROGRAM&Expires=1463060893&Signature=XOlt3tevmFH4~JiuPi244pA70qCUHzFB6w5toZfPatCQCx9~jyfXe3AeazJtz2U0hVSbE9enMz-Jcd5FFitbHEPh6DoMW2avL-Ze03eSyg5vc3sznK6SYUoGVFHWWdOIsahqfpSDjW9cwkqcZ9vLESdo0~ZU8ZLjTnt2hzjrpVg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=DriveMan.exe

http://www.alexnolan.net/.../DriveMan.exe

http://lb.cdn.m6web.fr/d/c/a/0eacdb7b29a4977aadc0dcaa7609a8cc/55a8c1af/soft/.../drive-manager_drive_manager_4.20_francais_127066.exe

Scan driveman.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.