home

driverpack-online.exe

Kuzyakov Artur Vyacheslavovich IP

The application driverpack-online.exe by Kuzyakov Artur Vyacheslavovich IP has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from mega.nz and multiple other hosts.
Publisher:
Kuzyakov Artur Vyacheslavovich IP  (signed and verified)

MD5:
b4b346a375ddefe993d70c822124f187

SHA-1:
a35d11d9d318c43495a545d7b9e01d2acce44496

SHA-256:
71398a67621234332cbcf0ac7e49b550243aa183d8595c5e230681e3cf5e37f3

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/29/2024 7:44:24 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.KuzyakovArturVyacheslavovichIP.R
14.9.14.13

File size:
13.9 MB (14,624,536 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\driverpack-online.exe

Digital Signature
Signed by:
Kuzyakov Artur Vyacheslavovich IP

Authority:
COMODO CA Limited

Valid from:
2/28/2012 3:00:00 AM

Valid to:
2/28/2015 2:59:59 AM

Subject:
CN=Kuzyakov Artur Vyacheslavovich IP, O=Kuzyakov Artur Vyacheslavovich IP, STREET=24K1 Tashkentskaya ul., L=Moscow, S=Moscow, PostalCode=109472, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
008ED5EE3D985B31936DA24E4A4CC34419

File PE Metadata
Compilation timestamp:
12/30/2012 11:50:02 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
393216:ZSMISEscrcEUYglqv/ZRvCkTI6v378jxY4rsKF:pZEscrc5q5NCkT78ji4

Entry address:
0x168BF

Entry point:
55, 8B, EC, 6A, FF, 68, 60, A0, 41, 00, 68, 50, 6A, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, DC, 81, 41, 00, 59, 83, 0D, 24, EB, 41, 00, FF, 83, 0D, 28, EB, 41, 00, FF, FF, 15, E0, 81, 41, 00, 8B, 0D, 04, CB, 41, 00, 89, 08, FF, 15, E4, 81, 41, 00, 8B, 0D, 00, CB, 41, 00, 89, 08, A1, E8, 81, 41, 00, 8B, 00, A3, 20, EB, 41, 00, E8, 1D, 01, 00, 00, 39, 1D, D0, C7, 41, 00, 75, 0C, 68, 48, 6A, 41, 00, FF, 15, EC, 81...
 
[+]

Entropy:
7.9921

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
88.5 KB (90,624 bytes)

The file driverpack-online.exe has been seen being distributed by the following 12 URLs.

https://mega.nz/temporary/.../ClgkETZD

temp:DriverPack-Online.exe

http://www.grabsoftwarenow.com/degW6tM3hwi32hqS2oHVFsJ9t9eBjTUTx O9b6fMBRfpiCZwJ2poE6iCfUHkQ6DUym5nUvukosR5dgfSDhleYjwGOhEcQo3hLNZCFRw5qm88yyMQgIGB6Am35d_ZJV1GiFFKiSUNiTQc6UMHLabbhEt H6sO0TjPMRgrAP0Y0NqHisvh4AHiiv4Rwz4WOiiuVFfHeCeTpQwZ4WoewFXxMjO kkvEJ41DSYALoNFEQalHxP5Zt4LRt0255GLk5kFRUXJ r2MCC81Jz3Fckobnqe8e3nC4iSc3QWYCfm76RZ7EPAQWruji4pBFxtUoz4jJ01iPGENowSTSqkKLKRNXXtvJa82AIWLpoLvTR9uWcLoVsiB7CZhyh2Vsak9omv_ebhfDbFy3J62SrrJ28iOhCxOJb2TZASDW4V_kF5ULA3WCZy3Wman3FgFcpn7RPDXCvMSxfxTM_H3YVg6lT4 wC3ZYHdiLbLxPD839o8Dk1nGqxi5BI2QGrFE8pBdfp4MhwGbkV5UL3ZUJVeIf1afrLtJneykt3w==-G2AAAGRwXmtr0OmqUAE4xgH7vV0LDDigDTtgZxfDozUmfVE3z0s5Bmqc41IFJQReCwy1nqh6K c4rWJnTTv79QlTpW 2lk4s TNQWVQoGpGJkGU=-e

http://www.clearheartgift.com/sqLeNIZLpRdAmKBvdaJQjfzO9JIIr6lx8i_c_ASzrwke8Jif9CLDNl0XWKMHHZue85KDRVDTsDLVLnSdVo8XYZrA25lsymaHJZJ2_hQzZuWWPxT9FbfebSUSoYwrvqe5pjYSdPSOJsuc20jA169sx9ISPxkQqcKcC7lWyCk8V9aGzQ57lTWbGrxctfBpIPzg28yK4SUjMOUk8ZOMVsm5c5ygewqGjqPJtIqpz6__t_bxplFHiEKhWDQVNs9CqtyP8XCJQhSZLSPyEjdnQuvjIIEF5OBqDC933laQmmNAUxJGjyrlnc3ld18U0CW2M9kjoqO1PaQ4HWkDeoJjrTvNYFFUYAPsDqIYaGa YthSLVs1EE31X0V8d70zee0ioXtlSInM6aKsRQDhXv8PnABDDGxoARXFN8MbNSVfaQCUDHS1Ij2W6lmAxClW7VEd3d1S1Hv87GetEnL_EN WoVPGN9Bae_DwNXgAQ3Ijv1ekaoe7kT9_0JHrbU4OOSWCX3olfgw5GMto3zalOCG3AGuUB4w84WANlw==-G2AAAGRgnq2twQ4FwOEYB z3di0w4IA27ICdXQyP1pj0hcZt25slUK0MblRQQsBrgUGtJ9T Wvl RFc7vvkb_GMrjj69hntuMJop0IooQVMMS7EoDg==-e

http://driverpack-solution-online.softonic.com/download-tracker?th=8yS3 KGEYLiw7GKMHzA/trmsvRChbxdrflJq3ZIylWuZIFnoHcEI7f5JH/.../H cjlE8oqHI8Kiqkic4b3a62OpcJ0iOOtZ340Q0G5hJLpP xB4TVTAVx2Idmcjlt5H4=

http://192.168.10.5/ftp/Software & Resources/.../DriverPack-Online.exe

http://www.fayloobmennik.net/files/.../63484434.html?check=0044757db26c9551509db82f4b099085&file=4113046

blob:http://sd-web.softonic.com/9284a682-9b7c-41e2-b439-53812348ff27

http://programki.net/download.php?id_p=166&id_url=2

http://new.drp.su/.../DriverPack-Online.exe

http://gsf-cf.softonic.com/a35/d11/.../DriverPack-Online.exe

http://download.drp.su/DriverPack-Online.exe

Remove driverpack-online.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.