driver update.exe

PC Driver Kit

Install Manager

This adware bundler is distributed through Adknowledge's advertising supported software managers. The application driver update.exe, “PC Driver Kit ” by Install Manager has been detected as adware by 29 anti-malware scanners. The program is a setup application that uses the Adknowledge Fusion installer. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from e5hzz.instante.sweepsummer.eu.
Publisher:
Install Manager   (signed by Install Manager)

Product:
PC Driver Kit

Description:
PC Driver Kit

Version:
2.0.56.0

MD5:
d278da4abdffe2cba01e305f6c8a1264

SHA-1:
17a5de469a6b83e16ad04a41ad1152d1a9065709

SHA-256:
2abfdde37dc80b54f6cc2577d22585b62569acad46f26392f7bb11d8737ff266

Scanner detections:
29 / 68

Status:
Adware

Explanation:
This installer bundles various adware prorgams that may include toolbars and web browser advertising injectors/extensions.

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
12/28/2024 10:23:02 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Graftor.153852
364

Agnitum Outpost
PUA.AirAd
7.1.1

AhnLab V3 Security
PUP/Win32.Installer
2015.01.09

Avira AntiVirus
Adware/InstallCo.zka
7.11.200.58

avast!
Win32:Adware-BZI [PUP]
2014.9-160206

AVG
Generic
2017.0.2842

Baidu Antivirus
PUA.Win32.AirAdInstaller
4.0.3.1626

Bitdefender
Gen:Variant.Application.Bundler.Graftor.155900
1.0.20.185

Bkav FE
W32.HfsAdware
1.3.0.6267

Dr.Web
Trojan.SMSSend.5502
9.0.1.037

Emsisoft Anti-Malware
Gen:Variant.Adware.Graftor.153852
8.16.02.06.10

ESET NOD32
Win32/AirAdInstaller.A potentially unwanted application
10.7.0.302.0

F-Prot
W32/A-a607985a
v6.4.7.1.166

F-Secure
Gen:Variant.Adware.Graftor.153852
11.2016-06-02_7

G Data
Gen:Variant.Adware.Graftor.153852
16.2.24

IKARUS anti.virus
PUA.AirAdInstaller
t3scan.1.8.6.0

K7 AntiVirus
Unwanted-Program
13.190.14587

Kaspersky
not-a-virus:AdWare.Win32.AirAdInstaller
14.0.0.703

Malwarebytes
PUP.Optional.AirInstaller
v2016.02.06.10

MicroWorld eScan
Gen:Variant.Adware.Graftor.153852
17.0.0.111

NANO AntiVirus
Trojan.Win32.SMSSend.dfptxm
0.30.0.64448

Norman
Gen:Variant.Adware.Graftor.153852
11.20160206

nProtect
Trojan-Clicker/W32.AirAdInstaller.934296.B
15.01.08.01

Reason Heuristics
PUP.Adknowledge.InstallManager.Installer (M)
16.2.6.10

Rising Antivirus
PE:PUF.Airinstall!1.9C4C
23.00.65.16204

Sophos
PUA 'AirInstaller'
59

Vba32 AntiVirus
AdWare.AirAdInstaller
3.12.26.3

VIPRE Antivirus
Trojan.Win32.Generic
36496

Zillya! Antivirus
Backdoor.PePatch.Win32.44626
2.0.0.2029

File size:
897.4 KB (918,936 bytes)

Product version:
2.0.56.0

Copyright:
(c) Install Manager

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Adknowledge Fusion

Language:
English (United States)

Common path:
C:\users\{user}\downloads\driver update.exe

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
8/6/2013 7:00:00 PM

Valid to:
8/11/2015 7:00:00 AM

Subject:
CN=Install Manager, O=Install Manager, L=Victoria, S=British Columbia, C=CA

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
06C0BBB90999729C33560EC18A203261

File PE Metadata
Compilation timestamp:
8/19/2014 11:29:30 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:al8MdhuJy9Z1ARjpQ4kvoCHCr21oUQAh5UcyHBWGktXE46SAjKvHWDialK6+oUdH:al8MdwyzXHvH0cuBytmVD7K6+pdCfWlP

Entry address:
0x297BE0

Entry point:
60, BE, 00, 80, 5C, 00, 8D, BE, 00, 90, E3, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...
 
[+]

Entropy:
7.8743

Packer / compiler:
UPX 2.90LZMA

Code size:
832 KB (851,968 bytes)

The file driver update.exe has been seen being distributed by the following URL.

Remove driver update.exe - Powered by Reason Core Security