» DriverGenius.exe
Overview
Analysis
File Details

DriverGenius.exe

Driver Genius Professional Edition

Wuhan Jiduo Information Technology Co.,Ltd.

The application DriverGenius.exe by Wuhan Jiduo Information Technology Co.,Ltd has been detected as a potentially unwanted program by 2 anti-malware scanners.

File name:

DriverGenius.exe

Publisher:

Driver-Soft Inc. (signed by Wuhan Jiduo Information Technology Co.,Ltd.)

Product:

Driver Genius Professional Edition

Version:

9.00.0176

MD5:

346880ad0708d1bd8ebb23c88674bd4e

SHA-1:

c66685eeb0f4a15b048b08374c3e9041cf9dc7db

SHA-256:

d2197b42296350fd759076724b3e9a28f9f468a1aacc6c7e095db7adc44e9284

Scanner detections:

2 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 9:37:14 PM UTC (today)

Scan engine

Detection

Engine version

Clam AntiVirus

PUA.Packed.ASPack

0.98/17411

Reason Heuristics

Win32.Generic.WuhanJiduoInformationTechnology.Meta

15.9.1.17

File size:

2.8 MB (2,970,752 bytes)

Product version:

9.00.0176

Original file name:

DriverGenius.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\driver-soft\drivergenius\drivergenius.exe

Digital Signature

Signed by:

Wuhan Jiduo Information Technology Co.,Ltd.

Authority:

WoSign, Inc.

Valid from:

5/22/2008 1:00:00 AM

Valid to:

5/23/2010 12:59:59 AM

Subject:

CN=Driver-Soft.com, OU=Class 3 - for Microsoft Authenticode Signing, O="Wuhan Jiduo Information Technology Co.,Ltd.", L=Wuhan, S=Hubei, C=CN

Issuer:

CN=WoSign Code Signing Authority, O="WoSign, Inc.", C=US

Serial number:

79E59F0AC0FF47090A57C16B38B1BD

File PE Metadata

Compilation timestamp:

6/17/2009 4:29:51 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

49152:0Mnh1BC23ivu9+wkNqBMRvW9ukLyaU461aHoa3uZVyknyodPBDxndAhd04rlx08P:NLb3P9+wk4BieuYyeHRuHvBbQdFSm9Yw

Entry address:

0x1000

Entry point:

68, 01, B0, 7E, 00, E8, 01, 00, 00, 00, C3, C3, AB, 2E, FA, AA, E2, 02, E0, E7, 63, 31, 44, 34, 7C, 11, 58, EE, 9E, BE, 58, 98, D2, 32, 2C, 96, 39, 36, F8, B2, 08, 38, 57, 9D, 2B, AF, DA, C9, 4B, DF, AC, 91, 4E, 33, 7C, D6, 77, DC, 80, 97, AC, 60, 0D, 80, 36, 9B, D0, CD, FC, 3A, 98, 23, F1, 59, BA, CD, 82, EA, 5E, C4, FA, C1, CE, A9, 0D, A5, 6A, 83, 00, 69, C4, 94, 42, E0, 83, BE, 12, 79, A2, AB, 72, 46, 4A, 1B, A6, CC, 3D, A1, CE, F5, 94, ED, DD, F5, 88, E4, 3B, 06, 86, 1D, 2C, A7, D2, 8C, 83, 19, 7D, 85... 
[+]

Entropy:

7.9926

Packer / compiler:

ASProtect v1.2x (New Strain)

Code size:

1.6 MB (1,634,304 bytes)

Remove DriverGenius.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.