home

DriverDetective.exe

Driver Detective

PC Drivers HeadQuarters LP

The application DriverDetective.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from RevenueWire's affiliate distribution platform uyc.pcdriversheadqu.revenuewire.net.
Publisher:
PC Drivers HeadQuarters LP

Product:
Driver Detective

Version:
10.1.2.51

MD5:
26e54ae18ad60e315111437d494e9090

SHA-1:
055338f23974e0b9339246724cc0fd86bbcb53df

SHA-256:
b2b4100ee0e2205f5e28847e8de91803e6e52e683cae7e5794b3f122d146adce

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 3:18:53 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Drivers.Optional.Meta (L)
16.5.13.5

File size:
409.6 KB (419,456 bytes)

Product version:
10.1.2.51

Copyright:
PC Drivers HeadQuarters LP

Original file name:
DriverDetective.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\driverdetective.exe

File PE Metadata
Compilation timestamp:
10/7/2014 12:40:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:KApBZyrfX5149Uox/uZcCGreyHFvFLTW5Q65QTcAKTwygaoD1DmOZgsMP:6DAUOvCEhNFLTuDOKTwfatOZLMP

Entry address:
0x3217

Entry point:
F7, C2, C0, 95, DD, AD, 55, 50, 87, ED, 20, F6, 72, 05, 0F, AF, C8, F7, D1, E8, 12, 00, 00, 00, C6, C0, 7F, 0F, AF, FE, 81, F2, F5, 6E, 00, 00, 69, F2, 07, 09, 42, 72, 84, E9, 80, C8, 48, 84, C0, 8D, 3D, 68, 8C, 0B, 00, 8B, EB, 81, F7, 47, 8D, 0B, 00, 85, F9, FE, CB, 88, FB, 88, C3, 89, D9, BE, F0, 9A, FF, FF, 81, F6, 2F, 6D, 00, 00, 81, F6, 7B, 0D, 00, 00, 4B, 56, 48, 58, 35, 29, 08, 00, 00, 86, FB, 13, D6, 0F, CE, 89, CE, 71, 0C, 0F, BE, DB, 0F, BE, DD, 0F, CB, 8B, F3, F7, D3, 68, 48, 0E, 00, 00, 74, 07...
 
[+]

Entropy:
7.8479  (probably packed)

Code size:
23 KB (23,552 bytes)

The file DriverDetective.exe has been seen being distributed by the following URL.

http://uyc.pcdriversheadqu.revenuewire.net/.../download?id45des2

Remove DriverDetective.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.