SHA256: 73757ff05ddb553a8c1aca875c775e2075f551e0d9e0f8a86ce9e078a1ab5cc8
File name: driverhivetrialsetup.exe
Detection ratio: 34 / 67
Analysis date: 2019-01-29 23:52:50 UTC (2 months, 2 weeks ago)
Antivirus Result Update
Antiy-AVL GrayWare[AdWare]/Win32.OpenCandy.a 20190129
Avast Win32:OpenCandy-D [PUP] 20190129
AVG Win32:OpenCandy-D [PUP] 20190129
Avira (no cloud) PUA/DriverHive.EL.1 20190129
CAT-QuickHeal Webtoolbar.Asparnet 20190129
Comodo Malware@#32icg6yb4r0s7 20190129
Cyren W32/Adware.ECKM-3307 20190129
DrWeb Program.Unwanted.1231 20190129
Emsisoft Application.AdInstall (A) 20190129
ESET-NOD32 a variant of Win32/UwS.DriverHive.A 20190130
F-Prot W32/OpenCandy.B 20190129
Fortinet Adware/OpenCandy 20190129
GData Win32.Application.OpenCandy.O 20190129
Sophos ML heuristic 20181128
K7AntiVirus Unwanted-Program ( 004b92301 ) 20190129
K7GW Unwanted-Program ( 004b92301 ) 20190129
Kaspersky not-a-virus:Downloader.Win32.OpenCandy.lc 20190130
Malwarebytes PUP.Optional.DriverHive 20190129
MAX malware (ai score=98) 20190130
McAfee Artemis!A85D26429661 20190129
McAfee-GW-Edition Artemis!PUP 20190129
Microsoft PUA:Win32/CandyOpen 20190129
NANO-Antivirus Riskware.Win32.OpenCandy.dqxwev 20190129
Panda PUP/DriverHive 20190129
Qihoo-360 Script/Virus.WebToolbar.e9d 20190130
Rising PUF.OpenCandy!1.9DE5 (CLASSIC) 20190129
Sophos AV Troj/Decept-FA 20190129
Symantec PUA.OpenCandy 20190129
Tencent Win32.Risk.Uws.Lmkr 20190130
VBA32 AdWare.OpenCandy 20190129
ViRobot Adware.Opencandy.6875640 20190129
Yandex Riskware.OpenCandy! 20190129
Zillya Adware.OpenCandy.Win32.13 20190129
ZoneAlarm by Check Point not-a-virus:Downloader.Win32.OpenCandy.lc 20190129
Acronis 20190128
Ad-Aware 20190129
AegisLab 20190129
AhnLab-V3 20190129
Alibaba 20180921
ALYac 20190129
Arcabit 20190129
Avast-Mobile 20190129
Babable 20180918
Baidu 20190129
BitDefender 20190129
Bkav 20190129
ClamAV 20190129
CMC 20190129
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190130
eGambit 20190130
Endgame 20181108
F-Secure 20190129
Ikarus 20190129
Jiangmin 20190129
Kingsoft 20190130
eScan 20190130
Palo Alto Networks (Known Signatures) 20190130
SentinelOne (Static ML) 20190124
SUPERAntiSpyware 20190123
TACHYON 20190129
TheHacker 20190129
Trapmine 20190123
Trustlook 20190130
Webroot 20190130
Zoner 20190128
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright (C) 2010 Bootstrap Development, LLC. All Rights Reserved.

Product DriverHive
File version 3.0.7.1244
Description DriverHive Setup
Comments This installation was built with Inno Setup.
Signature verification Signed file, verified signature
Signing date 9:45 PM 1/17/2016
Signers
[+] Bootstrap Development, LLC
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer Symantec Class 3 Extended Validation Code Signing CA - G2
Valid from 01:00 AM 01/16/2016
Valid to 11:59 PM 05/24/2016
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 116BE43C6CD59B1C0DA6AF734ECD73DEA757203E
Serial number 59 92 20 84 43 29 B5 51 B4 97 CF 04 22 CA 30 BF
[+] Symantec Class 3 Extended Validation Code Signing CA - G2
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 01:00 AM 03/04/2014
Valid to 12:59 AM 03/04/2024
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 5B8F88C80A73D35F76CD412A9E74E916594DFA67
Serial number 19 1A 32 CB 75 9C 97 B8 CF AC 11 8D D5 12 7F 49
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 01:00 AM 11/08/2006
Valid to 11:59 PM 07/16/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] GeoTrust 2048-bit Timestamping Signer 2
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 12:00 AM 06/11/2015
Valid to 12:59 AM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint CE3118B4CD650C83D9143CC24A191B41E8A6F500
Serial number 2D 4E 86 50 85 BE E0 0E 13 72 28 B3 D0 B1 32 E9
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 01:00 AM 12/21/2012
Valid to 12:59 AM 12/31/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 01:00 AM 01/01/1997
Valid to 12:59 AM 01/01/2021
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
Packers identified
F-PROT INNO, appended, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x00009B24
Number of sections 8
PE sections
Overlays
MD5 c81b3c1ebb63abe59d657160bc012b18
File type data
Offset 82432
Size 6793208
Entropy 8.00
PE imports
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
RegQueryValueExA
AdjustTokenPrivileges
RegOpenKeyExA
InitCommonControls
GetSystemTime
GetLastError
GetEnvironmentVariableA
GetStdHandle
EnterCriticalSection
GetUserDefaultLangID
GetSystemInfo
GetFileAttributesA
GetExitCodeProcess
ExitProcess
CreateDirectoryA
VirtualProtect
GetVersionExA
RemoveDirectoryA
RtlUnwind
LoadLibraryA
DeleteCriticalSection
GetCurrentProcess
SizeofResource
GetLocaleInfoA
LocalAlloc
LockResource
IsDBCSLeadByte
DeleteFileA
GetWindowsDirectoryA
GetSystemDefaultLCID
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GetProcAddress
FormatMessageA
SetFilePointer
RaiseException
WideCharToMultiByte
GetModuleHandleA
ReadFile
InterlockedExchange
WriteFile
CloseHandle
GetACP
GetFullPathNameA
LocalFree
CreateProcessA
GetModuleFileNameA
InitializeCriticalSection
LoadResource
VirtualQuery
VirtualFree
TlsGetValue
Sleep
GetFileType
SetEndOfFile
TlsSetValue
CreateFileA
FindResourceA
VirtualAlloc
GetFileSize
SetLastError
LeaveCriticalSection
SysStringLen
SysAllocStringLen
VariantCopyInd
VariantClear
VariantChangeTypeEx
CharPrevA
CreateWindowExA
LoadStringA
DispatchMessageA
CallWindowProcA
MessageBoxA
PeekMessageA
SetWindowLongA
MsgWaitForMultipleObjects
TranslateMessage
ExitWindowsEx
DestroyWindow
Number of PE resources by type
RT_ICON 9
RT_STRING 6
RT_MANIFEST 1
RT_RCDATA 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 12
NEUTRAL 7
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
This installation was built with Inno Setup.

LinkerVersion
2.25

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
3.0.7.1244

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
DriverHive Setup

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi

CharacterSet
Unicode

InitializedDataSize
43520

EntryPoint
0x9b24

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2010 Bootstrap Development, LLC. All Rights Reserved.

FileVersion
3.0.7.1244

TimeStamp
1992:06:20 00:22:17+02:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
3.0.7.1244

UninitializedDataSize
0

OSVersion
1.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Bootstrap Development, LLC.

CodeSize
37888

ProductName
DriverHive

ProductVersionNumber
3.0.7.1244

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 a85d2642966186d0769963ce46d6b7ae
SHA1 c2ac3d30834ec364632e5755a57054372e3eb368
SHA256 73757ff05ddb553a8c1aca875c775e2075f551e0d9e0f8a86ce9e078a1ab5cc8
ssdeep
98304:j1TfPVenoCE7D5BjXRArEtNev2IMKIjaXhGTF2AyYEiYEtz7Qj/MkSbGpkVA2/Bk:R1gornRWceni2XhGTEeJQXRUJ2

authentihash 6bc6ec7e104f243bfb5ea380cd38a22a200b6e7760189d216658239d9127b3da
imphash 884310b1928934402ea6fec1dbd3cf5e
File size 6.6 MB ( 6875640 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Inno Setup installer (76.6%)
Win32 Executable Delphi generic (9.9%)
Win32 Dynamic Link Library (generic) (4.5%)
Win32 Executable (generic) (3.1%)
Win16/32 Executable Delphi generic (1.4%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2016-01-19 09:05:11 UTC (3 years, 3 months ago)
Last submission 2019-02-20 12:13:46 UTC (1 month, 3 weeks ago)
File names driverhivetrialsetup.exe
73757FF05DDB553A8C1ACA875C775E2075F551E0D9E0F8A86CE9E078A1AB5CC8.exe
788571
driverhivetrialsetup (1).exe
DriverHive 3.0.7.1244 setup.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Shell commands
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications