ALSysIO.sys

ALSysIO

ALCPU

It runs as a Windows kernel mode device driver named “ALSysIO”.

Publisher:
Arthur Liberman (signed by ALCPU)

Product:
ALSysIO

Version:
2.0.10.0

MD5:
3f5b599094d8d62313ad1d608dd8d5e6

SHA-1:
314e0919e72b2d126bc1c6cb0054cb456443a872

SHA-256:
6bbe59200d6259d88699ad5926f97b6eeb511749c64afbd141dfeb5459194366

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 5:30:27 AM UTC

File size:
27.3 KB (27,904 bytes)

Product version:
2.0.10.0

Copyright:
Copyright (C) 2003-2009 Arthur Liberman

Original file name:
ALSysIO.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\alsysio.sys

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
4/12/2016 2:00:00 AM

Valid to:
4/13/2021 1:59:59 AM

Subject:
CN=ALCPU, O=ALCPU, STREET=Snapir st. 1/12, L=Tel Aviv, S=Tel Aviv, PostalCode=67298, C=IL

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
3020CDC2DB9ED0BE866D8392BB5C4D0E

File PE Metadata
Compilation timestamp:
7/1/2016 11:53:34 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
384:zcHvwkQYCdGJ6FaX59mH0rsMhdVo9oN/7jQaqriVj0:zcHv1wnFaXfm+3Do9oN/7+riVj0

Entry address:
0x703E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, E2, A3, FF, FF, CC, CC, 94, 70, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, A4, 73, 00, 00, 08, 50, 00, 00, 8C, 70, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, CA, 73, 00, 00, 00, 50, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B2, 73, 00, 00, 00, 00, 00, 00, 3E, 71, 00, 00, 50, 71, 00, 00, 68, 71, 00, 00, 7E, 71, 00, 00, 88, 71, 00, 00, A0, 71, 00, 00, AC, 71, 00, 00, C8, 71, 00, 00, E0, 71, 00, 00, F0, 71, 00, 00, 10, 72...
 

Entropy:
6.6212

Code size:
14.5 KB (14,848 bytes)

Driver
Display name:
ALSysIO

Type:
Kernel device driver (KernelDriver)

