» dffdriverdownloadmanager.exe
Overview
Analysis
File Details
Programs (1)
Downloads (5)

dffdriverdownloadmanager.exe

PC Drivers HeadQuarters, Inc

This is a setup and installation application. The file has been seen being downloaded from files.downloadnow.com and multiple other hosts.

File name:

Publisher:

Drivers For Free (signed by PC Drivers HeadQuarters, Inc)

Product:

Drivers For Free

Description:

This installer database contains the logic and data required to install Drivers For Free Client.

Version:

2.00

MD5:

b5569de2ae6a3a85ff46c37b3aa85384

SHA-1:

88aa8382dd08a788999cf0f112bc7c77dda72cd7

SHA-256:

db0c9fe5474d74459badbafe47499652386eccffae451fe79aa7d3d9a0042440

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/27/2024 2:07:13 AM UTC (today)

File size:

7.1 MB (7,449,616 bytes)

Product version:

2.00

Original file name:

InstallShield Setup.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\dffdriverdownloadmanager.exe

Digital Signature

Signed by:

PC Drivers HeadQuarters, Inc

Authority:

VeriSign, Inc.

Valid from:

4/4/2011 2:00:00 AM

Valid to:

4/22/2014 1:59:59 AM

Subject:

CN="PC Drivers HeadQuarters, Inc", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="PC Drivers HeadQuarters, Inc", L=Temple, S=Texas, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

4BB5B8756BAFFB81CF8C6C8EF4E61006

File PE Metadata

Compilation timestamp:

4/25/2012 3:16:29 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

196608:KIROdRjieXyOvLgf1axy/DVWO3UrMNOjHdU7ALCaGeNqDN:pOJgf19/DVWO3UrMAdKA+aGfDN

Entry address:

0x9895B

Entry point:

E8, 4E, 28, 01, 00, E9, 79, FE, FF, FF, 85, C0, 74, 0D, 33, C9, 85, C0, 0F, 9F, C1, 8D, 4C, 09, FF, 8B, C1, C3, 0F, B6, 00, 0F, B6, 09, 2B, C1, 74, 0D, 33, C9, 85, C0, 0F, 9F, C1, 8D, 4C, 09, FF, 8B, C1, C3, 66, 8B, 06, 66, 3B, 01, 74, 35, 0F, B6, 11, 0F, B6, C0, 2B, C2, 74, 11, 33, D2, 85, C0, 0F, 9F, C2, 8D, 54, 12, FF, 8B, C2, 85, C0, 75, 1C, 0F, B6, 46, 01, 0F, B6, 49, 01, 2B, C1, 74, 10, 33, C9, 85, C0, 0F, 9F, C1, 8D, 4C, 09, FF, 8B, C1, C3, 33, C0, C3, 8B, 06, 3B, 01, 74, 6F, 0F, B6, 11, 0F, B6, C0... 
[+]

Entropy:

7.8953 (probably packed)

Code size:

907.5 KB (929,280 bytes)

The file dffdriverdownloadmanager.exe has been discovered within the following program.

360Amigo System Speedup Free by 360Amigo

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).

www.360amigo.com

53% remove it

The file dffdriverdownloadmanager.exe has been seen being distributed by the following 5 URLs.

http://files.downloadnow.com/s/software/13/79/94/.../DFFDriverDownloadManager.exe

http://software-files-a.cnet.com/s/software/13/79/94/.../DFFDriverDownloadManager.exe

http://c518302.r2.cf2.rackcdn.com/DFFDriverDownloadManager.exe

http://302f8f1ec9550f09701e-cd336313beab8e0994a7112f2f5611cd.r45.cf2.rackcdn.com/DFFDriverDownloadManager.exe

http://www.driversforfree.com/DownloadDriversForFree.aspx

Scan dffdriverdownloadmanager.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.