home

driversupport.exe

MD5:
73ba0f7eb8c0eadb01b41f0d85d7b736

SHA-1:
88b168859d1c4e9d0af037652b0513acac763c24

SHA-256:
d9e654bfaea2290d7e9d5b04081570ac419eb5be6fb337a79c8525b9e60a4780

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/25/2024 9:15:16 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Crypt.EPACK.Gen2
7.11.30.172

File size:
1.9 MB (1,978,008 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\driversupport.exe

File PE Metadata
Compilation timestamp:
10/2/2013 1:23:06 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:GYIGspNj4pQivdm4Q4wmDA+aEHIVrYNoZaTdJA57zlSm8hz+VFGFxRNP5t1s:GYIxpjI+kA+MJYNVTdJuHIwQ/P5g

Entry address:
0x98FAB

Entry point:
00, FF, 85, C0, 0F, 85, BA, FD, FF, FF, 0F, B6, 71, F4, 0F, B6, 42, F4, 2B, F0, 74, 13, 33, C0, 85, F6, 0F, 9F, C0, 8D, 44, 00, FF, 85, C0, 0F, 85, 9B, FD, FF, FF, 0F, B6, 71, F5, 0F, B6, 42, F5, 2B, F0, 74, 13, 33, C0, 85, F6, 0F, 9F, C0, 8D, 44, 00, FF, 85, C0, 0F, 85, 7C, FD, FF, FF, 0F, B6, 71, F6, 0F, B6, 42, F6, 2B, F0, 74, 0D, 33, C0, 85, F6, 0F, 9F, C0, 8D, 44, 00, FF, 8B, F0, 8B, C6, EB, 02, 33, C0, 85, C0, 0F, 85, 55, FD, FF, FF, 8B, 41, F7, 3B, 42, F7, 74, 79, 0F, B6, F0, 0F, B6, 42, F7, 2B, F0...
 
[+]

Entropy:
7.1611

Code size:
911 KB (932,864 bytes)

The file driversupport.exe has been seen being distributed by the following 2 URLs.

http://30e146a7a3b5a82cef44-146e15445b0140a98990b2c857a16675.r25.cf2.rackcdn.com/DriverSupport.exe

https://secure.driversupport.com/direct/.../driversupport.exe

Scan driversupport.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.