» driver34f859e0drv.cpl
Overview
Analysis
File Details

driver34f859e0drv.cpl

The file driver34f859e0drv.cpl has been detected as malware by 17 anti-virus scanners. According to AVG, this software downloads additional adware offers during setup.

File name:

MD5:

eed1e72246d68d4f1138d3e89cfaa53b

SHA-1:

351ca86f9983e80e0a7e9a9bb9a5223e04e0d4f4

SHA-256:

82417c89fb8c10ec4f913d047363369572e4e162ba4918c370e0e448da49cf23

Scanner detections:

17 / 68

Status:

Malware

Analysis date:

4/26/2024 6:27:06 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.11811085

800

Agnitum Outpost

Trojan.ATRAPS

7.1.1

AhnLab V3 Security

Malware/Win32.Generic

2014.11.27

Avira AntiVirus

TR/ATRAPS.Gen

7.11.30.172

avast!

Win32:Malware-gen

141119-1

AVG

Trojan horse Downloader.Banload2.PMJ

2014.0.4189

Bitdefender

Trojan.Generic.11811085

1.0.20.1650

Emsisoft Anti-Malware

Trojan.Generic.11811085

9.0.0.4570

F-Secure

Trojan.Generic.11811085

11.2014-26-11_4

G Data

Trojan.Generic.11811085

14.11.24

IKARUS anti.virus

Trojan-Downloader.Banload2

t3scan.1.8.3.0

K7 AntiVirus

Riskware

13.186.14150

MicroWorld eScan

Trojan.Generic.11811085

15.0.0.990

nProtect

Trojan.Generic.11811085

14.11.26.01

Panda Antivirus

Trj/Genetic.gen

14.11.26.05

Sophos

Mal/Inject-CEE

4.98

VIPRE Antivirus

Threat.4150696

35088

File size:

188.8 KB (193,329 bytes)

Common path:

C:\Documents and Settings\{user}\AppData\driver34f859e0drv.cpl

File PE Metadata

Compilation timestamp:

8/21/2014 8:23:44 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

3072:0DceUsWEVYdGiTwyg5PCWhe6PnzBXyCwPRu888888888888W88888888888D58Pw:4ceNW61OBqzWM888888888888W88888P

Entry address:

0x1A26C

Entry point:

55, 8B, EC, 83, C4, C0, B8, 1C, 6C, 41, 00, E8, 98, E7, FE, FF, E8, E7, B4, FE, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

100 KB (102,400 bytes)

Remove driver34f859e0drv.cpl - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.