adspiderex.sys

AD-Spider FS Monitoring Driver

digitalonnet

The file adspiderex.sys by digitalonnet has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a Windows kernel mode device driver named “ADSPIDEREX”.
Publisher:
(주)디지탈온넷  (signed by digitalonnet)

Product:
AD-Spider FS Monitoring Driver

Version:
2010,01,20,0 built by: WinDDK

MD5:
16711631bb15eefec1d4d9f3d362518b

SHA-1:
c4d69f55b0dd56e2a73814b3a6e8fd499f6613fc

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/15/2024 4:39:22 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.AdSpider (M)

Engine version:
17.2.28.2

File size:
37.4 KB (38,256 bytes)

Product version:
2010,01,20,0

Copyright:
(c) Digitalonnet. All rights reserved.2008-2010

Original file name:
adspiderex.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\adspiderex.sys

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
5/18/2013 9:00:00 AM

Valid to:
6/18/2015 8:59:59 AM

Subject:
CN=digitalonnet, O=digitalonnet, L=Gangnam-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
657BCCB13306BCCE913E33D25DEE1FB8

File PE Metadata
Compilation timestamp:
11/27/2014 9:13:05 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

Entry address:
0xC03E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 52, 90, FF, FF, CC, CC, 9C, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F0, C6, 00, 00, 10, 70, 00, 00, 8C, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 46, C7, 00, 00, 00, 70, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 1E, C7, 00, 00, 0A, C7, 00, 00, 32, C7, 00, 00, 00, 00, 00, 00, F4, C1, 00, 00, 0C, C2, 00, 00, 24, C2, 00, 00, 46, C2, 00, 00, 5E, C2, 00, 00, 76, C2, 00, 00, 94, C2, 00, 00, A0, C2, 00, 00, AA, C2...

Entropy:
6.4741

Code size:
25 KB (25,600 bytes)

Driver
Display name:
ADSPIDEREX

Type:
Kernel device driver (KernelDriver)

