deerdrive.exe

Deer Drive

SCS Software

Publisher:
SCS Software

Product:
Deer Drive

Version:
1, 51, 0, 0

MD5:
0c985d20d4738fe9e4f738fc462f56f5

SHA-1:
b996c00d11c7003736192b75effbc930ca6b7512

SHA-256:
fe5c9fbcf8abd46fffea3c635bc1f407e4ec9adcb7d1d914d4050c1edea8b047

Scanner detections:
5 / 68

Status:
Clean  (5 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
11/25/2024 2:24:18 PM UTC

Scan engine | Detection | Engine version
Bkav FE | HW32.CDB | 1.3.0.4923
Emsisoft Anti-Malware | Gen:Trojan.FirewallBypass.VG0@aepGsQmi | 8.14.10.10.02
Rising Antivirus | PE:Malware.XPACK-LNR/Heur!1.5594 | 23.00.65.141008
Trend Micro House Call | PAK_Generic.009 | 7.2.283
Trend Micro | PAK_Generic.009 | 10.465.10

File size:
1.8 MB (1,939,457 bytes)

Product version:
1, 51, 0, 0

Copyright:
Copyright (C) SCS Software 2006

Trademarks:
Deer Drive (C) SCS Software 2006

Original file name:
deerdrive.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\microsoft games\deer drive\deerdrive.exe

File PE Metadata
Compilation timestamp:
8/10/2007 8:47:49 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
49152:iY0RS2HJ0yiFkH01SdBWkvM62mSM2JS6qvwps:iYRKJLU18WX6v92Q6qvwps

Entry address:
0x76206A

Entry point:
89, 25, 04, D0, B7, 00, 68, D7, 20, B6, 00, EB, 02, 4D, 74, EB, 04, 40, 53, 80, EB, EB, 02, 83, 26, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, EB, 02, E9, 1B, EB, 02, 80, CD, EB, 04, 6A, EB, F9, 3C, EB, 02, EB, 02, EB, 01, EB, EB, 02, 69, B1, EB, 02, 23, 04, EB, 02, 4D, 74, EB, 01, 70, EB, 01, B8, E9, 0D, 07, 00, 00, EB, 02, F7, 05, EB, 03, D1, 65, E4, EB, 02, 83, FC, EB, 03, EB, FA, B2, EB, 02, FF, 13, EB, 02, 8F, C7, 55, 89, E5, EB, 02, FF, 15, EB, 02, 8F, 42, EB, 02, EB, 02, EB, 01, EB, EB...

Entropy:
7.9137  (probably packed)

Code size:
1 MB (1,081,344 bytes)

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP SSL):
Connects to 195.34.13.149.zylom.net  (149.13.34.195:443)

Scan deerdrive.exe - Powered by Reason Core Security