driveridentifier_portable.exe

Driver Identifier

The executable driveridentifier_portable.exe has been detected as malware by 7 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.driveridentifier.com.
Publisher: Driver Identifier
Product: Driver Identifier
Version: 4.02.0008
MD5: 07f4efd08f7b1d36114b386c6325f5cb
SHA-1: ba5d777392e5a501149052a48682815c4babbb60
SHA-256: 57ecba009382675c7843dd803fb323b766497aff913824878e02fe82ba28c9a9
Scanner detections: 7 / 68
Status: Malware
Analysis date: 11/24/2024 6:19:12 PM UTC

Scan engine                     Detection                Engine version
avast!                          Win32:Kukacka            160518-2
Dr.Web                          Win32.Sector.30          9.0.1.05190
ESET NOD32                      Win32/Sality.NBA virus   8.0.319.0
F-Prot                          W32/Sality.gen2          4.6.5.141
Kaspersky                       Virus.Win32.Sality       15.0.0.562
Microsoft Security Essentials   Threat.Undefined         1.223.2699.0
Norman                          Win32.Sality.3           19.05.2016 01:04:49

File size: 980 KB (1,003,520 bytes)
Product version: 4.02.0008
Original file name: driveridentifier_portable.exe
File type: Executable application (Win32 EXE)
Language: English (United States)
Common path: C:\Documents and Settings\{user}\Local settings\temporary internet files\content.ie5\{random}\driveridentifier_portable.exe

File PE Metadata
Compilation timestamp: 10/28/2015 10:49:03 AM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 6.0
CTPH (ssdeep): 6144:n//F/6rbE/pjrYZYJMQm5nbyUwpLU2Q6ePUFsDwl+N8JaX2IQ6Pnu/ZD:n//F/6rb6U2Q66J7mI9Pu/ZD
Entry address: 0x1274

Entry point:
60, 0F, AF, F5, 68, E4, 2E, 52, 00, 76, 04, 85, C8, 04, 17, C6, C4, 49, 68, 5A, C4, 2C, 00, 55, EB, 02, 85, FD, 86, C5, 2B, C5, 68, 41, 67, 94, 00, 69, CA, F2, 96, E4, 6D, 1C, 17, F7, C5, 87, D3, C8, 11, E8, 1D, 00, 00, 00, 3D, F8, 7D, 00, 00, 78, 08, F7, C3, 86, FE, EE, 3E, 84, C8, 85, C3, 0F, BF, D2, 1B, D6, B3, D3, 3D, 2A, 33, 00, 00, 46, 0F, AF, F1, 88, E7, 47, F3, FF, C7, 40, F6, C7, A6, B9, 1F, 12, 00, 00, 74, 03, 0F, BE, C1, 81, F1, 42, 26, 00, 00, 74, 04, F6, C4, E8, F2, 81, C1, 53, 16, 00, 00, 5F...
 

Code size: 904 KB (925,696 bytes)

The file driveridentifier_portable.exe has been seen being distributed by the following URL.
