home

cheano_drv.sys

杭州易玩科技有限公司

It runs as a Windows 64-bit kernel mode device driver named “cheano_drv”.
Publisher:
杭州易玩科技有限公司  (signed and verified)

MD5:
11dec3bd618715554f4460cb3942fda9

SHA-1:
0357390fd7b7c4f28800fde28af8d53851d53614

SHA-256:
aae78ecabdb9bc41ecb35ea5578618aa3d2fefeff41b7daefa5871d6aa37e80e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 6:11:35 PM UTC  (today)

File size:
1.3 MB (1,397,208 bytes)

File type:
Driver (Win64 SYS)

Digital Signature
Signed by:
杭州易玩科技有限公司

Authority:
Symantec Corporation

Valid from:
10/8/2016 8:00:00 AM

Valid to:
10/9/2017 7:59:59 AM

Subject:
CN=杭州易玩科技有限公司, OU=IT Department, O=杭州易玩科技有限公司, L=杭州, S=浙江, C=CN, SERIALNUMBER=913301063281394284, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.1=hangzhou, OID.1.3.6.1.4.1.311.60.2.1.2=zhejiang, OID.1.3.6.1.4.1.311.60.2.1.3=CN

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
4EE76694A9184BAE33A282005F929312

File PE Metadata
Compilation timestamp:
10/13/2016 11:02:27 PM

OS version:
10.0

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
14.0

Entry address:
0x316EA0

Entry point:
EB, 08, D2, 69, 11, 00, 00, 00, 00, 00, E9, 91, 7E, 11, 00, 2B, 86, C3, 33, 5D, 03, B6, B0, C3, 63, 8C, A3, 8E, CC, 62, A4, C3, A1, 64, 62, A7, 8B, E9, D2, 62, A4, FB, AF, 79, 62, A4, 63, 14, B6, 62, A4, 43, CB, A7, 62, A4, 13, DA, AF, 62, A7, CB, D2, 09, 62, A7, BB, 64, 26, 62, A4, 43, 6B, 73, 5F, 9E, F3, 0E, CD, E5, 4A, 04, B0, CA, E7, 5B, 3C, 47, D2, E7, 58, 74, AF, 2C, E7, 5B, 04, 41, FF, E7, 5B, 9C, 82, 78, E7, 5B, BC, 05, F9, E7, 5B, EC, 84, 31, E7, 58, 34, 7C, 0F, E7, 58, 44, 72, 2F, 04, D7, 8B, 62...
 
[+]

Entropy:
7.9463  (probably packed)

Code size:
29 KB (29,696 bytes)

Driver
Display name:
cheano_drv

Type:
Kernel device driver (KernelDriver)


Scan cheano_drv.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.