DriveTheLife.exe

DriveTheLife

Shenzhen DriveTheLife Software Technology Co.Ltd

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘DriveTheLife2013’.

Publisher:
Drive The Life Co., Ltd.  (signed by Shenzhen DriveTheLife Software Technology Co.Ltd)

Product:
DriveTheLife

Version:
6, 2, 6, 114

MD5:
3b511cce3553483a5f26ad5d640ef90d

SHA-1:
ee534251ea14f4765c3f9802bccba9ea3ce68704

SHA-256:
fdb64d05906878ef54f5b146e258d61bb4e6e169bfa2c6f8ee0a585e67682bfe

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 3:42:34 PM UTC

File size:
2.3 MB (2,422,624 bytes)

Product version:
6, 2, 6, 114

Copyright:
Copyright (C) 2008-2015 DriveTheLife. All Rights Reserved.

Original file name:
DriveTheLife.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\ostotosoft\drivertalent\drivethelife.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
11/26/2014 1:00:00 AM

Valid to:
1/26/2016 12:59:59 AM

Subject:
CN=Shenzhen DriveTheLife Software Technology Co.Ltd, OU=驱动人生, O=Shenzhen DriveTheLife Software Technology Co.Ltd, L=Shenzhen, S=Guangdong, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
40107F784B1F742478A35B1DADC1710D

File PE Metadata
Compilation timestamp:
7/20/2015 7:32:49 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x73B01

Entry point:
E8, 9A, 93, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 8B, 73, 08, 33, 35, D4, 11, 4D, 00, 57, 8B, 06, C6, 45, FF, 00, C7, 45, F4, 01, 00, 00, 00, 8D, 7B, 10, 83, F8, FE, 74, 0D, 8B, 4E, 04, 03, CF, 33, 0C, 38, E8, E7, D5, FF, FF, 8B, 4E, 0C, 8B, 46, 08, 03, CF, 33, 0C, 38, E8, D7, D5, FF, FF, 8B, 45, 08, F6, 40, 04, 66, 0F, 85, 16, 01, 00, 00, 8B, 4D, 10, 8D, 55, E8, 89, 53, FC, 8B, 5B, 0C, 89, 45, E8, 89, 4D, EC, 83, FB, FE, 74, 5F, 8D, 49, 00, 8D...

Entropy:
7.0807

Code size:
616 KB (630,784 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DriveTheLife2013

Command:
"C:\Program Files\ostotosoft\drivertalent\drivethelife.exe" \start

