SlimDrivers-setup.exe

SlimDrivers

Slimware Utilities, Inc.

The setup for the Slimware 'PC optimization' product may present the user with unwanted offers or may be installed as part of a bundled offer. The application SlimDrivers-setup.exe, “SlimDrivers Setup Wizard” by Slimware Utilities, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen being downloaded from ftp-stahuj.centrum.cz and multiple other hosts.
Publisher:
Slimware Utilities, Inc.  (signed and verified)

Product:
SlimDrivers

Description:
SlimDrivers Setup Wizard

Version:
1.3

MD5:
13d6e0aef0f093f30bab17380c92177d

SHA-1:
ade841d0da6abf2efe0a1309355e5a4a0907d767

SHA-256:
25bfb759e6eb93406dff4dd936fc7ba200f46187fa331e3fc567f62c860413be

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/22/2024 4:28:47 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.SlimWare.Optional.Installer.Meta (L)

Engine version:
15.12.11.23

File size:
838.3 KB (858,432 bytes)

Product version:
1.3

Copyright:
Copyright SlimWare Utilities, Inc. 2011-2012

Original file name:
SlimDrivers-setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
1/4/2013 1:00:00 AM

Valid to:
1/5/2015 12:59:59 AM

Subject:
CN="Slimware Utilities, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Slimware Utilities, Inc.", L=Ocean Springs, S=Mississippi, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
396592A759309A28F5D983A5A376DA47

File PE Metadata
Compilation timestamp:
9/24/2013 9:20:54 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:1t5b5+t+I4hsKSkkSAbNYJk2Ff6oQWOfV2nH:ZbIt+N3gNYJk2Ff6obH

Entry address:
0x2D806

Entry point:
E8, EA, 77, 00, 00, E9, 17, FE, FF, FF, 3B, 0D, 70, FD, 45, 00, 75, 02, F3, C3, E9, 6A, 78, 00, 00, 8B, 44, 24, 04, 66, 8B, 08, 40, 40, 66, 85, C9, 75, F6, 2B, 44, 24, 04, D1, F8, 48, C3, 55, 8B, EC, 8B, 45, 14, 56, 57, 33, FF, 3B, C7, 74, 47, 39, 7D, 08, 75, 1B, E8, EF, 52, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, 9F, 7D, 00, 00, 83, C4, 14, 8B, C6, EB, 29, 39, 7D, 10, 74, E0, 39, 45, 0C, 73, 0E, E8, CA, 52, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, D7, 50, FF, 75, 10, FF, 75, 08, E8, 09, 79, 00...
 

Code size:
292 KB (299,008 bytes)

The file SlimDrivers-setup.exe has been seen being distributed by the following 50 URLs.


The executing file has been seen to make the following network communications in live environments.
