SHA256: b11cdf4a049e1f38bc817bbab1bd3dea0bf33d5583688112fd8961c0c3401aa4
File name driverhivetray.exe
Detection ratio 9 / 68
Analysis date 2018-07-24 00:33:58 UTC (9 months ago)
Antivirus Result Update
Cyren W32/GenBl.E5FF7D4A!Olympus 20180724
DrWeb Program.Unwanted.1231 20180723
ESET-NOD32 a variant of Win32/UwS.DriverHive.A 20180724
Sophos ML heuristic 20180717
Malwarebytes PUP.Optional.DriverHive 20180724
Rising Malware.Undefined!8.C (CLOUD) 20180724
Sophos AV Mal/Generic-S 20180723
Tencent Win32.Risk.Deceptor.Amwd 20180724
TrendMicro-HouseCall Suspicious_GEN.F47V0723 20180723
Ad-Aware 20180723
AegisLab 20180724
AhnLab-V3 20180723
Alibaba 20180713
ALYac 20180723
Antiy-AVL 20180724
Arcabit 20180723
Avast 20180723
Avast-Mobile 20180723
AVG 20180723
Avira (no cloud) 20180723
AVware 20180723
Babable 20180406
Baidu 20180723
BitDefender 20180723
Bkav 20180723
CAT-QuickHeal 20180723
ClamAV 20180723
CMC 20180723
Comodo 20180723
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cylance 20180724
eGambit 20180724
Emsisoft 20180723
Endgame 20180711
F-Prot 20180723
F-Secure 20180723
Fortinet 20180723
GData 20180723
Ikarus 20180723
Jiangmin 20180724
K7AntiVirus 20180723
K7GW 20180724
Kaspersky 20180723
Kingsoft 20180724
MAX 20180724
McAfee 20180723
McAfee-GW-Edition 20180724
Microsoft 20180724
eScan 20180723
NANO-Antivirus 20180724
Palo Alto Networks (Known Signatures) 20180724
Panda 20180723
Qihoo-360 20180724
SentinelOne (Static ML) 20180701
SUPERAntiSpyware 20180724
Symantec 20180724
TACHYON 20180724
TheHacker 20180723
TotalDefense 20180722
TrendMicro 20180723
Trustlook 20180724
VBA32 20180723
VIPRE 20180724
ViRobot 20180723
Webroot 20180724
Yandex 20180720
Zillya 20180723
ZoneAlarm by Check Point 20180724
Zoner 20180723
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright Copyright (C) 2010 Bootstrap Development, LLC. All Rights Reserved.
Product DriverHive
Original name DriverHive.exe
File version 3,0,7,1244
Description DriverHive
Signature verification Signed file, verified signature
Signing date 8:44 PM 1/17/2016
Signers
[+] Bootstrap Development, LLC
Status This certificate or one of the certificates in the certificate chain is not time valid (the signing certificate expired 05/24/2016; the signature still verifies because the 1/17/2016 signing time, attested by the timestamp counter-signature listed below, falls inside the certificate's validity period, which is exactly what Authenticode timestamping is for)
Issuer Symantec Class 3 Extended Validation Code Signing CA - G2
Valid from 12:00 AM 01/16/2016
Valid to 11:59 PM 05/24/2016
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 116BE43C6CD59B1C0DA6AF734ECD73DEA757203E
Serial number 59 92 20 84 43 29 B5 51 B4 97 CF 04 22 CA 30 BF
[+] Symantec Class 3 Extended Validation Code Signing CA - G2
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 12:00 AM 03/04/2014
Valid to 11:59 PM 03/03/2024
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 5B8F88C80A73D35F76CD412A9E74E916594DFA67
Serial number 19 1A 32 CB 75 9C 97 B8 CF AC 11 8D D5 12 7F 49
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 12:00 AM 11/08/2006
Valid to 11:59 PM 07/16/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] GeoTrust 2048-bit Timestamping Signer 3
Status Valid
Issuer Symantec Time Stamping Services CA - G2
Valid from 12:00 AM 06/11/2015
Valid to 11:59 PM 12/29/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 9121093C959236E8DC583E146AC659431F0A9CE6
Serial number 55 45 CA 02 24 61 90 D9 79 EE B4 0D B9 FF BC 18
[+] Symantec Time Stamping Services CA - G2
Status Valid
Issuer Thawte Timestamping CA
Valid from 12:00 AM 12/21/2012
Valid to 11:59 PM 12/30/2020
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B
[+] Thawte Timestamping CA
Status Valid
Issuer Thawte Timestamping CA
Valid from 12:00 AM 01/01/1997
Valid to 11:59 PM 12/31/2020
Valid usage Timestamp Signing
Algorithm md5RSA
Thumbprint BE36A4562FB2EE05DBB3D32323ADF445084ED656
Serial number 00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-01-17 19:44:44
Entry Point 0x001DFE9C
Number of sections 10
PE sections
Overlays
MD5 3ff469b7961832edf8beae575efca850
File type data
Offset 2429952
Size 14376
Entropy 7.33
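The overlay entry is internally consistent: 2429952 + 14376 = 2444328 bytes, the reported file size, so the overlay runs to the end of the file. On an Authenticode-signed PE the certificate table (data directory slot 4, IMAGE_DIRECTORY_ENTRY_SECURITY, which holds a raw file offset rather than an RVA) sits after the last section, i.e. inside the overlay, so a signed file normally has one; the triage question is whether the overlay is larger than the certificate table, because installers and droppers keep their payload there and bytes appended after the certificate table are not covered by the signature. The report does not say how much of this file's 14376 bytes is the signature blob. The script below is an added example, not VirusTotal's or DriverHive's code: it parses a PE header with the Python standard library only, locates the overlay and the certificate table, and reports overlay bytes that are not the certificate table. The `build_sample_pe` helper constructs a minimal PE32 header layout (with this file's compile timestamp) so the example runs offline; pass a real file path on the command line to inspect that file instead.

```python
import struct
from datetime import datetime, timezone

# Data directory slot 4 is IMAGE_DIRECTORY_ENTRY_SECURITY; unlike every other
# slot, its first field is a file offset, not an RVA.
SECURITY_DIR_INDEX = 4


def parse_pe_layout(data: bytes) -> dict:
    """Return header facts, the overlay (bytes past the last section) and the
    position of the Authenticode certificate table for a PE file held in memory."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    coff = e_lfanew + 4
    machine, nsections, timestamp, _, _, opt_size, _chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32: data directories start at optional header offset 96
        dir_base = opt + 96
    elif magic == 0x20B:      # PE32+: ImageBase is 8 bytes wider, directories start at 112
        dir_base = opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    entry_point = struct.unpack_from("<I", data, opt + 16)[0]
    num_dirs = struct.unpack_from("<I", data, dir_base - 4)[0]   # NumberOfRvaAndSizes
    cert_table = None
    if num_dirs > SECURITY_DIR_INDEX:
        off, size = struct.unpack_from("<II", data, dir_base + 8 * SECURITY_DIR_INDEX)
        if size:
            cert_table = (off, size)
    sections, last_end = [], 0
    sect_hdr = opt + opt_size
    for i in range(nsections):
        name, vsize, va, raw_size, raw_ptr = struct.unpack_from("<8sIIII", data, sect_hdr + 40 * i)
        sections.append((name.rstrip(b"\0").decode("latin-1"), va, raw_ptr, raw_size))
        last_end = max(last_end, raw_ptr + raw_size)
    # Overlay = everything after the highest section end; None if the file stops there.
    overlay = (last_end, len(data) - last_end) if len(data) > last_end else None
    cert_in_overlay = (
        overlay is not None and cert_table is not None
        and cert_table[0] >= overlay[0] and cert_table[0] + cert_table[1] <= len(data)
    )
    # A signed file's overlay is normally exactly the certificate table; any surplus
    # is either data signed alongside the image (before the table) or unauthenticated
    # bytes appended after it, and both deserve a look.
    overlay_extra = 0 if overlay is None else overlay[1] - (cert_table[1] if cert_in_overlay else 0)
    return {
        "machine": machine,
        "entry_point": entry_point,
        "compile_time": datetime.fromtimestamp(timestamp, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "sections": sections,
        "overlay": overlay,
        "cert_table": cert_table,
        "cert_in_overlay": cert_in_overlay,
        "overlay_extra": overlay_extra,
    }


def build_sample_pe(code: bytes, overlay: bytes, signed: bool) -> bytes:
    """Constructed minimal PE32 (one .text section, 512-byte file alignment, the
    report's 2016-01-17 19:44:44 UTC timestamp). With signed=True the security
    directory points at the overlay, as it does in a real Authenticode-signed file.
    Header layout only; it is not a loadable image."""
    file_align = 0x200
    raw_ptr = file_align
    raw_size = (len(code) + file_align - 1) // file_align * file_align
    overlay_off = raw_ptr + raw_size
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)              # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 1453059884, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                            # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)                          # AddressOfEntryPoint
    struct.pack_into("<II", opt, 32, 0x1000, file_align)             # Section/File alignment
    struct.pack_into("<I", opt, 92, 16)                              # NumberOfRvaAndSizes
    if signed:
        struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR_INDEX, overlay_off, len(overlay))
    sect = struct.pack("<8sIIIIIIHHI", b".text", len(code), 0x1000, raw_size, raw_ptr,
                       0, 0, 0, 0, 0x60000020)
    headers = dos + b"PE\0\0" + coff + bytes(opt) + sect
    headers += b"\0" * (raw_ptr - len(headers))
    return headers + code.ljust(raw_size, b"\0") + overlay


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        blob = open(sys.argv[1], "rb").read()
    else:   # constructed sample: signed, overlay is exactly the (fake) certificate table
        blob = build_sample_pe(b"\x90" * 1000, b"\x30\x82" + b"A" * 98, signed=True)
    for key, value in parse_pe_layout(blob).items():
        print(f"{key}: {value}")
```

Run it against the real file to compare the computed overlay with the report's offset 2429952 and size 14376; if `overlay_extra` is non-zero, carve the surplus bytes and look at them separately.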
PE imports
GetNamedSecurityInfoW
SetEntriesInAclW
SetNamedSecurityInfoW
GetModuleHandleExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExA
InitializeAcl
RegQueryValueExW
SetSecurityDescriptorDacl
RegFlushKey
GetSidSubAuthority
OpenProcessToken
AddAccessAllowedAce
RegOpenKeyExW
RegOpenKeyExA
GetTokenInformation
LookupPrivilegeNameW
RegQueryInfoKeyW
RegEnumValueW
GetUserNameA
LookupPrivilegeNameA
GetLengthSid
InitializeSid
RegDeleteValueW
RegSetValueExW
GetSidLengthRequired
InitializeSecurityDescriptor
RegEnumKeyExA
ImageList_BeginDrag
ImageList_GetImageCount
ImageList_SetBkColor
FlatSB_SetScrollInfo
ImageList_SetImageCount
FlatSB_GetScrollInfo
ImageList_DragMove
FlatSB_SetScrollProp
ImageList_Remove
ImageList_GetDragImage
ImageList_DrawEx
ImageList_SetIconSize
ImageList_Write
ImageList_Read
ImageList_Destroy
_TrackMouseEvent
ImageList_Draw
ImageList_GetIconSize
ImageList_DragLeave
ImageList_GetBkColor
ImageList_GetIcon
FlatSB_SetScrollPos
ImageList_DragEnter
ImageList_Add
InitializeFlatSB
FlatSB_GetScrollPos
ImageList_DragShowNolock
ImageList_Create
ImageList_EndDrag
GetDIBColorTable
GetTextMetricsW
SetMapMode
GetWindowOrgEx
PatBlt
GetClipBox
GetRgnBox
SaveDC
TextOutA
CreateFontIndirectA
GetPaletteEntries
CreateEnhMetaFileW
CreateRectRgnIndirect
MaskBlt
CombineRgn
SetStretchBltMode
GetEnhMetaFilePaletteEntries
GetPixel
Rectangle
BitBlt
GetDeviceCaps
GetCurrentPositionEx
TranslateCharsetInfo
LineTo
DeleteDC
RestoreDC
SetBkMode
CopyEnhMetaFileW
GetSystemPaletteEntries
CreateFontW
SetPixel
CreateSolidBrush
DeleteObject
IntersectClipRect
CreateHalftonePalette
CreateDIBSection
CreateFontA
RealizePalette
SetTextColor
GetTextExtentPointW
CreateFontIndirectW
GetBrushOrgEx
GetCurrentObject
MoveToEx
SetEnhMetaFileBits
GetObjectW
ExcludeClipRect
FrameRgn
CreateBitmap
RectVisible
CreatePalette
GetStockObject
CreateDIBitmap
SetViewportOrgEx
SelectPalette
DeleteEnhMetaFile
UnrealizeObject
GetDIBits
GetEnhMetaFileBits
SetBrushOrgEx
GetDCOrgEx
PlayEnhMetaFile
StretchBlt
GetBitmapBits
CreateCompatibleDC
CloseEnhMetaFile
SetROP2
CreateRectRgn
SelectObject
GetTextExtentPoint32A
GetWinMetaFileBits
SetDIBColorTable
GetEnhMetaFileDescriptionW
GetEnhMetaFileHeader
CreateBrushIndirect
SetWindowOrgEx
GetMapMode
SetBkColor
SetWinMetaFileBits
GetTextExtentPoint32W
CreateCompatibleBitmap
CreatePenIndirect
LPtoDP
GetIpForwardTable
SetThreadLocale
GetProfileIntW
GetStdHandle
GetDriveTypeW
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
HeapDestroy
SignalObjectAndWait
GetHandleInformation
GetFileAttributesW
GetLocalTime
HeapAlloc
GetCurrentProcess
FileTimeToDosDateTime
GetLocaleInfoA
LocalAlloc
GetVolumeInformationW
SetErrorMode
_llseek
GetThreadContext
GetLocaleInfoW
GetFileTime
GetTempPathA
WideCharToMultiByte
FileTimeToLocalFileTime
GetDiskFreeSpaceW
InterlockedExchange
WriteFile
_lopen
GetThreadPriority
InterlockedExchangeAdd
SetEvent
MoveFileA
ResumeThread
GetExitCodeProcess
InitializeCriticalSection
OutputDebugStringW
FlushInstructionCache
FindClose
TlsGetValue
MoveFileW
SetFileAttributesW
OutputDebugStringA
SetLastError
GetSystemTime
GetEnvironmentVariableA
GlobalFindAtomW
lstrcpynW
LoadResource
GetModuleFileNameW
ExitProcess
GetModuleFileNameA
RaiseException
GetPriorityClass
LoadLibraryExA
GetPrivateProfileStringA
SetThreadPriority
GetUserDefaultLCID
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
EnumCalendarInfoW
WriteProfileStringW
GetModuleHandleA
_lclose
GlobalMemoryStatus
GlobalAddAtomW
CreateThread
SetEnvironmentVariableW
DeleteCriticalSection
GetExitCodeThread
SetUnhandledExceptionFilter
CreateMutexW
MulDiv
ExitThread
SetEnvironmentVariableA
WaitForMultipleObjectsEx
TerminateProcess
InterlockedDecrement
SetCurrentDirectoryW
VirtualQuery
LocalFileTimeToFileTime
VirtualQueryEx
CreateEventW
SetEndOfFile
GetVersion
InterlockedIncrement
HeapFree
EnterCriticalSection
TerminateThread
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
VirtualProtect
LoadLibraryA
RtlUnwind
GlobalSize
GetStartupInfoA
GetFileSize
OpenProcess
DeleteFileA
GetWindowsDirectoryA
GetDateFormatW
FormatMessageW
CreateDirectoryW
DeleteFileW
GetProcAddress
_lread
GetTempFileNameW
GetComputerNameW
GetProfileStringW
CompareStringW
lstrcpyW
_lcreat
FindNextFileW
GetProfileStringA
ResetEvent
GetTempFileNameA
GetComputerNameA
FindFirstFileW
IsValidLocale
DuplicateHandle
WaitForMultipleObjects
CreateFileMappingW
SetVolumeLabelW
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
CreateFileA
GetCurrentThreadId
LeaveCriticalSection
GetLastError
DosDateTimeToFileTime
GlobalDeleteAtom
HeapCreate
GetSystemInfo
GlobalFree
FindResourceW
GetThreadLocale
GlobalUnlock
GlobalAlloc
lstrlenW
CreateProcessW
_lwrite
SizeofResource
GetCurrentDirectoryW
WritePrivateProfileStringA
GetCurrentProcessId
LockResource
SetFileTime
GetCommandLineW
GetCPInfo
InterlockedCompareExchange
GetCurrentThread
SuspendThread
GetSystemDefaultLangID
QueryPerformanceFrequency
MapViewOfFile
SetFilePointer
GetFullPathNameW
ReadFile
FindFirstFileA
CloseHandle
EnumSystemLocalesA
GetACP
GlobalLock
GetModuleHandleW
FreeResource
SwitchToThread
GetFileAttributesExW
GetLongPathNameW
CreateProcessA
UnmapViewOfFile
GetTempPathW
VirtualFree
Sleep
IsBadReadPtr
FindResourceA
VirtualAlloc
GetOEMCP
CompareStringA
AlphaBlend
CreateStreamOnHGlobal
OleUninitialize
OleDraw
IsEqualGUID
OleInitialize
ProgIDFromCLSID
IsAccelerator
CoCreateGuid
CoCreateInstance
CoUninitialize
StringFromCLSID
CoGetClassObject
OleSetMenuDescriptor
CoInitializeEx
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CreateErrorInfo
VariantChangeType
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayPtrOfIndex
SysAllocStringLen
SafeArrayUnaccessData
VariantCopyInd
VariantClear
GetActiveObject
SafeArrayCreate
SysReAllocStringLen
SafeArrayGetUBound
VariantInit
VariantCopy
GetErrorInfo
SysFreeString
SafeArrayPutElement
SetErrorInfo
Shell_NotifyIconW
ShellExecuteW
ShellExecuteExW
SHGetSpecialFolderPathW
SHGetMalloc
ShellExecuteA
MapWindowPoints
GetMessagePos
RedrawWindow
LoadBitmapW
EnableScrollBar
DestroyMenu
PostQuitMessage
GetForegroundWindow
LoadBitmapA
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
CharUpperBuffA
WindowFromPoint
OemToCharBuffW
DrawIcon
GetMessageTime
SetMenuItemInfoW
SetActiveWindow
GetMenuItemID
GetCursorPos
ReleaseDC
GetMenuStringW
SendMessageW
SendMessageA
UnregisterClassW
GetClientRect
GetMenuItemInfoW
DefMDIChildProcW
DrawTextW
SetScrollPos
CallNextHookEx
GetSysColor
GetKeyboardState
ClientToScreen
GetTopWindow
GetWindowTextW
MsgWaitForMultipleObjects
ScrollWindow
GetWindowTextA
InvalidateRgn
PtInRect
DrawEdge
GetParent
UpdateWindow
GetPropW
SetClassLongW
EnumWindows
GetMessageW
ShowWindow
DrawFrameControl
SetPropW
GetDesktopWindow
PeekMessageW
TranslateMDISysAccel
InsertMenuItemW
SetWindowPlacement
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
CharUpperA
ActivateKeyboardLayout
RegisterClassW
GetIconInfo
SetParent
SetClipboardData
IsZoomed
GetWindowPlacement
LoadStringW
GetKeyboardLayoutList
DrawMenuBar
IsIconic
GetSubMenu
SetTimer
GetActiveWindow
IsDialogMessageW
FillRect
EnumThreadWindows
CopyRect
WaitForInputIdle
GetSysColorBrush
IsWindowUnicode
CreateWindowExW
GetWindowLongW
CharNextW
IsChild
IsDialogMessageA
SetFocus
RegisterWindowMessageW
BeginPaint
OffsetRect
DefWindowProcW
GetScrollPos
GetKeyboardLayoutNameW
KillTimer
MapVirtualKeyW
DefWindowProcA
GetClipboardData
GetSystemMetrics
SetWindowLongW
SetScrollRange
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
EnumChildWindows
GetScrollRange
CharLowerW
PostMessageW
GetKeyNameTextW
EndDialog
DrawTextExW
WaitMessage
CreatePopupMenu
CheckMenuItem
GetClassLongW
GetLastActivePopup
DrawIconEx
CharUpperBuffW
SetWindowTextW
GetDCEx
GetDlgItem
RemovePropW
CreateDialogParamA
GetSystemMenu
ScreenToClient
LoadCursorA
TrackPopupMenu
GetMenuItemCount
GetMenuState
ShowOwnedPopups
LoadCursorW
LoadIconW
FindWindowExW
GetDC
InsertMenuW
SetForegroundWindow
OpenClipboard
EmptyClipboard
DrawTextA
IntersectRect
GetScrollInfo
CharLowerBuffW
GetKeyboardLayout
FindWindowW
GetCapture
MessageBeep
RemoveMenu
GetWindowThreadProcessId
ShowScrollBar
MessageBoxW
GetMenu
DestroyIcon
UnhookWindowsHookEx
MoveWindow
LoadKeyboardLayoutW
MessageBoxA
GetClassNameA
GetWindowDC
DestroyCursor
AdjustWindowRectEx
DialogBoxParamA
GetFocus
MsgWaitForMultipleObjectsEx
RegisterClipboardFormatW
SetScrollInfo
GetKeyState
SystemParametersInfoA
EnableMenuItem
DefFrameProcW
IsWindowVisible
SystemParametersInfoW
DispatchMessageW
FrameRect
SetRect
DeleteMenu
InvalidateRect
CreateIcon
CallWindowProcW
DestroyWindow
GetClassInfoW
SetWindowsHookExW
GetCursor
SendMessageTimeoutW
CreateMenu
EnableWindow
CloseClipboard
GetKeyboardType
SetMenu
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA
HttpQueryInfoW
InternetQueryDataAvailable
InternetQueryOptionW
InternetConnectW
InternetWriteFile
InternetReadFile
HttpEndRequestW
HttpSendRequestExW
InternetCrackUrlW
InternetSetOptionW
HttpSendRequestW
InternetOpenUrlW
InternetErrorDlg
InternetCloseHandle
InternetAttemptConnect
InternetOpenW
HttpOpenRequestW
HttpAddRequestHeadersW
PE exports
Number of PE resources by type
RT_STRING 44
RT_ICON 36
RT_BITMAP 30
RT_RCDATA 11
RT_DIALOG 10
RT_GROUP_CURSOR 7
RT_CURSOR 7
RT_GROUP_ICON 4
RT_MANIFEST 1
FILE 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 79
NEUTRAL 73
PE resources
ExifTool file metadata
LegalTrademarks DriverHive is a trademark of Bootstrap Development, LLC.
UninitializedDataSize 0
InitializedDataSize 466944
ImageVersion 0.0
ProductName DriverHive
FileVersionNumber 3.0.7.1244
LanguageCode English (U.S.)
FileFlagsMask 0x003f
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi
CharacterSet Windows, Latin1
LinkerVersion 2.25
FileTypeExtension exe
OriginalFileName DriverHive.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 3,0,7,1244
TimeStamp 2016:01:17 20:44:44+01:00
FileType Win32 EXE
PEType PE32
SubsystemVersion 5.0
ProductVersion 3,0,7,1244
FileDescription DriverHive
OSVersion 5.0
FileOS Unknown (0)
LegalCopyright Copyright (C) 2010 Bootstrap Development, LLC. All Rights Reserved.
MachineType Intel 386 or later, and compatibles
CompanyName Bootstrap Development, LLC.
CodeSize 1961984
FileSubtype 0
ProductVersionNumber 3.0.7.1244
EntryPoint 0x1dfe9c
ObjectFileType Executable application

Compressed bundles
File identification
MD5 e5ff7d4a40a6fdc79ede6538a2441c42
SHA1 ea2d5b22de0374fa0d509fac0b11abc3c7334cc6
SHA256 b11cdf4a049e1f38bc817bbab1bd3dea0bf33d5583688112fd8961c0c3401aa4
ssdeep 49152:y9lU4szuaK9KvWOzIribhD1FUoXCfoThPvE:K1szvK9KuOzI0hDjUm0o9E
authentihash f59750fd6c600ae314172a49332142fe942acf3dea74ef142e2ac13ea9358d29
imphash 5e26c8d5a935269dfb7bbd9d7ce8cc77
File size 2.3 MB ( 2444328 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID InstallShield setup (35.7%)
Win32 EXE PECompact compressed (generic) (34.5%)
Windows screen saver (10.8%)
DOS Borland compiled Executable (generic) (8.3%)
Win32 Executable (generic) (3.7%)
Tags peexe signed overlay
VirusTotal metadata
First submission 2016-03-21 01:03:15 UTC (3 years, 1 month ago)
Last submission 2018-05-08 07:09:12 UTC (11 months, 2 weeks ago)
File names DriverHiveTray.exe
DriverHiveTray.exe
driverhivetray.exe
1002-ea2d5b22de0374fa0d509fac0b11abc3c7334cc6
DriverHiveTray.exe
driverhivetray.exe
driverhivetray.exe
DriverHive.exe
flareFile
DriverHiveTray.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created mutexes
Opened mutexes
Searched windows
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications