home

drpsu12.3-lite.exe

DriverPack Solution

Kuzyakov Artur Vyacheslavovich IP

The application drpsu12.3-lite.exe, “DriverPack Solution Lite” by Kuzyakov Artur Vyacheslavovich IP has been detected as a potentially unwanted program by 2 anti-malware scanners. This is a setup program which is used to install the application. This file is typically installed with the program DriverPack Solution Lite version 13 by Kuzyakov Artur. The file has been seen being downloaded from dc490.4shared.com and multiple other hosts.
Publisher:
Kuzyakov Artur  (signed by Kuzyakov Artur Vyacheslavovich IP)

Product:
DriverPack Solution

Description:
DriverPack Solution Lite

Version:
0.3

MD5:
addf7180bb56a419b2c42cab3a4fed57

SHA-1:
57f3c990f0969ccea6d5451bd56086b8968444dc

SHA-256:
ec6ddf4b0dedb655f354e8f9c7c004cc7c01093b13e71c82ea72eb309e6be987

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 5:38:22 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.KuzyakovArturVyacheslavovichIP.N
14.3.15.23

Rising Antivirus
PE:Trojan.RuMail!1.6574
23.00.65.14131

File size:
6.9 MB (7,206,288 bytes)

Product version:
12.3

Copyright:
Copyright © 2012 Kuzyakov Artur

Original file name:
DRPSuLite.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\driverpack v12.3-lite\drpsu12.3-lite.exe

Digital Signature
Signed by:
Kuzyakov Artur Vyacheslavovich IP

Authority:
COMODO CA Limited

Valid from:
2/27/2012 4:00:00 PM

Valid to:
2/27/2015 3:59:59 PM

Subject:
CN=Kuzyakov Artur Vyacheslavovich IP, O=Kuzyakov Artur Vyacheslavovich IP, STREET=24K1 Tashkentskaya ul., L=Moscow, S=Moscow, PostalCode=109472, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
008ED5EE3D985B31936DA24E4A4CC34419

File PE Metadata
Compilation timestamp:
4/28/2011 4:38:20 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
196608:pD9q0sgF0fVjvX2S/crfUfEzHazuyRsmTbtMp3kSBD:pDe9DXzc76SmntUkK

Entry address:
0x121CF

Entry point:
55, 8B, EC, 6A, FF, 68, 28, 4C, 41, 00, 68, 60, 23, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, A0, 31, 41, 00, 59, 83, 0D, 24, 99, 41, 00, FF, 83, 0D, 28, 99, 41, 00, FF, FF, 15, A4, 31, 41, 00, 8B, 0D, 1C, 79, 41, 00, 89, 08, FF, 15, A8, 31, 41, 00, 8B, 0D, 18, 79, 41, 00, 89, 08, A1, AC, 31, 41, 00, 8B, 00, A3, 20, 99, 41, 00, E8, 1D, 01, 00, 00, 39, 1D, 10, 77, 41, 00, 75, 0C, 68, 58, 23, 41, 00, FF, 15, B0, 31...
 
[+]

Entropy:
7.9987

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
70 KB (71,680 bytes)

The file drpsu12.3-lite.exe has been discovered within the following program.

DriverPack Solution Lite version 13  by Kuzyakov Artur
Publisher's description - “A lite version of the most powerful manager for automated driver installation. Scans your computer hardware and offers a download from the Internet unidentified driver. Quickly, efficiently. Lite version does not include database drivers, software and diagnostic tools.”
drp.su
About 2% of users remove it
 
Powered by Should I Remove It?

The file drpsu12.3-lite.exe has been seen being distributed by the following 2 URLs.

http://dc490.4shared.com/download/.../DRPSu123-Lite.exe

http://dev.drp.su/.../DRPSu12.3-Lite.exe

Remove drpsu12.3-lite.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.