drivermax.exe

DriverMax

Innovative Solutions Grup SRL

The application drivermax.exe, “DriverMax Setup” by Innovative Solutions Grup SRL, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The file has been observed being downloaded from dw.uptodown.com and multiple other hosts.
Publisher:
Innovative Solutions (signed by Innovative Solutions Grup SRL)

Product:
DriverMax

Description:
DriverMax Setup

MD5:
b2f6106aa779e47752a46b44b60899bb

SHA-1:
66158c0a122071fee6198f471f9ec3b7f4306592

SHA-256:
aad656b5c38affbcad6af9a054b4d02c880cd97db8aee52423326bc45cd2c702

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 12:55:38 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.DriverMax.Innovati.Installer.Meta (L)

Engine version:
16.6.28.12

File size:
5.4 MB (5,628,664 bytes)

Product version:
8.24.0.452

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\drivermax.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
5/9/2016 3:32:29 PM

Valid to:
5/10/2017 3:32:29 PM

Subject:
CN=Innovative Solutions Grup SRL, O=Innovative Solutions Grup SRL, L=Bucharest, S=Bucharest, C=RO

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11218B1A0626519F5DB62A3B7FECA1E024B0

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:UJB3A+OCMPIdpa/kCPki4vveDCnRYU3429aEr9AXBV4UdvvTIhS0qGWP:fCM28kgeqGC29a8Aldvbh0tWP

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file drivermax.exe has been seen being distributed by the following 9 URLs.

