driverpack-online_724487834.1470789833.exe

DriverPack

The application driverpack-online_724487834.1470789833.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from download.drp.su.
Publisher:
DriverPack

Product:
DriverPack

Version:
1.0

MD5:
c0935f7afc794227a4e5655c22823af5

SHA-1:
ef14859c05e5b3efc47ab1e596e62df4d5fd20ba

SHA-256:
c465db73aca076847329d860d48d1e7b936cde473de07cbd97487b23cd8d4df7

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
5/21/2024 7:50:47 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.DriverPack (L)

Engine version:
16.8.10.18

File size:
350.5 KB (358,904 bytes)

Product version:
1.0

Copyright:
Copyright © Kuzyakov Artur

Original file name:
DriverPack.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\driverpack-online_724487834.1470789833.exe

File PE Metadata
Compilation timestamp:
4/3/2016 12:14:34 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:M5VP9Ge3+hoAvdeJBbhncZjOcVE5A0mnRd89pQdy3nteT3hmvYBGlbRx0MJFUzH6:M5393whFOBbVcV2A0mnipQM3S3hslbL3

Entry address:
0x1C35F

Entry point:
60, F7, D8, C1, D1, 56, 0F, A5, DB, 84, F0, 8D, 15, C4, 85, AC, CF, C7, C2, 97, E1, AB, 83, 2A, E2, 3B, D8, 84, C6, 89, D0, 0F, C1, FB, 69, F8, CC, 10, F4, C5, F7, C6, 2F, 12, 99, EA, 0F, AF, C2, 88, F7, 56, 81, F9, 2F, 6F, 00, 00, 70, 0B, C6, C2, 96, 03, C0, 69, C2, 12, 14, F3, C4, E8, 3E, 00, 00, 00, 0F, AC, F7, BE, 0F, AC, F3, 14, 69, FF, 16, 09, 7D, 00, 43, F2, 45, C6, C3, 15, 69, C2, 3E, C3, A3, 71, C1, F8, 07, BD, 00, 00, 00, 00, C0, D0, 35, 24, EA, C0, F6, 6D, 03, EE, 0F, AD, DA, D2, D0, F3, 89, CF...
 

Entropy:
7.5991

Code size:
111.5 KB (114,176 bytes)

The file driverpack-online_724487834.1470789833.exe has been seen being distributed by the following URL.
