» drivertuner_setup.exe
Overview
Analysis
File Details
Downloads (1)

drivertuner_setup.exe

DriverTuner

LionSea Software co., ltd

The application drivertuner_setup.exe, “DriverTuner Setup ” has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from 693c7hsf2kh43l24oh5buravfy.hop.clickbank.net.

File name:

Publisher:

LionSea Software co., ltd

Product:

DriverTuner

Description:

DriverTuner Setup

MD5:

85fbc0ea090cd9c0ce010919ad64b542

SHA-1:

e78eb259416ce8db5e2dda5cbfa3dd4c65a5eb70

SHA-256:

2111edd3d5ea514ed04d8e0cfcae5fbfe1d9a1c8b3153ed2aa6c7b12bd4abe0f

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/23/2024 2:22:59 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.LionSea.Optional.Installer.Meta (M)

16.7.7.1

File size:

6.1 MB (6,398,344 bytes)

Product version:

3.5.0.1

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\drivertuner_setup.exe

File PE Metadata

Compilation timestamp:

12/20/2011 9:16:50 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:Z/N2EAiYdb5s7VNdXDns9j4zJPaFDB6wIAZfeBWgpgUX6+nUd6w7jFzD9Mi2XWUA:HsvbI9js9c1PaiMZvgpgStAtDGRWUmY

Entry address:

0x16478

Entry point:

EB, 06, 2C, FA, FE, CE, 8B, ED, 8B, D5, 88, EF, 0F, CA, E8, 12, 00, 00, 00, 8D, 3D, B8, 24, 60, A2, FF, C7, F6, DD, 33, D9, 81, D2, 05, 7C, 7D, B7, 69, EE, 8C, 08, 80, 42, 2D, A7, CB, B9, C1, 0F, CA, 81, F7, FC, 4D, 00, 00, 3B, C6, 75, 08, 23, EB, 69, D0, 7E, 85, 29, D4, 5E, 86, FB, 81, F9, C1, F3, 00, 00, 72, 04, 0F, C9, 1A, C8, 71, 09, 12, C1, 80, E9, D3, B0, 93, 85, C5, 04, BF, 1C, 04, BB, 53, 9C, 05, 00, 81, EB, 53, 9C, 05, 00, 81, CB, F9, 04, 00, 00, 88, D4, 0F, CF, FE, CC, 53, 8A, E0, 59, EB, 04, 88... 
[+]

Entropy:

4.7529

Code size:

84 KB (86,016 bytes)

The file drivertuner_setup.exe has been seen being distributed by the following URL.

http://693c7hsf2kh43l24oh5buravfy.hop.clickbank.net/?tu=download&tid=yu1lenddb409c47313f739

Remove drivertuner_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.