drivermax.exe

DriverMax

Innovative Solutions Grup SRL

The executable drivermax.exe has been detected as malware by 4 anti-virus scanners. It runs as a Windows Task Scheduler task named DriverMaxAgent, which is triggered each time a user logs in.
Publisher:
Innovative Solutions (signed by Innovative Solutions Grup SRL)

Product:
DriverMax

Version:
7.21.0.141

MD5:
2a2efdf6eb3c7741dc9313cbe8e757e5

SHA-1:
a38a3b27b3a55659f1471e2ce21447a378c7d691

SHA-256:
2f685c8b8d3dfee0509ff87983ee7ecd69e7268d8cfc702302f1c268f3897bad

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
4/19/2024 10:18:33 PM UTC

Scan engine    Detection              Engine version
avast!         Win32:Pioneer-C        160908-2
AVG            Win32/Floxif.A         2013.0.4477
ESET NOD32     Win32/Floxif.H virus   6.3.12010.0
F-Prot         W32/Floxif.B           4.6.5.141

File size:
7.1 MB (7,406,911 bytes)

Product version:
7.21

Copyright:
Innovative Solutions

Trademarks:
Innovative Solutions

Original file name:
drivermax.exe

File type:
Executable application (Win32 EXE)

Language:
Romanian (Romania)

Common path:
C:\Program Files\innovative solutions\drivermax\drivermax.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
2/19/2013 6:00:00 AM

Valid to:
3/22/2014 5:59:59 AM

Subject:
CN=Innovative Solutions Grup SRL, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Innovative Solutions Grup SRL, L=Bucharest, S=Bucharest, C=RO

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
34318FC0AD1E8BD6468B8A5D1E251000

File PE Metadata
Compilation timestamp:
6/20/1992 4:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:jozlHJ49MNxL8Q7+C8njNaYvcZX1wkyH5:OpSUgJnjNaYvkX1wz

Entry address:
0x22D9EC

Entry point:
E9, 71, FE, E4, FF, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, 57, B8, 6C, D0, 62, 00, E8, E3, 99, DD, FF, 33, C0, 55, 68, 28, E5, 62, 00, 64, FF, 30, 64, 89, 20, E8, BC, 36, EE, FF, A1, 68, 62, 63, 00, 8B, 00, E8, BC, C8, DD, FF, 84, C0, 75, 0C, A1, 68, 62, 63, 00, 8B, 00, E8, D0, C8, DD, FF, E8, EB, 42, EE, FF, 84, C0, 74, 26, 6A, 00, 66, 8B, 0D, 38, E5, 62, 00, B2, 01, B8, 44, E5, 62, 00, E8, AE, 83, E1, FF, A1, 18, 64, 63, 00, 8B, 00, E8, 0E, 0D, E4, FF, E9, 69, 0A, 00, 00, E8, 5C, E6, FF, FF...
 

Entropy:
5.9087

Packer / compiler:
Xtreme-Protector v1.05

Code size:
2.2 MB (2,284,032 bytes)

Scheduled Task
Task name:
DriverMaxAgent

Trigger:
Logon (Runs on logon)

Description:
DriverMaxAgent

