home

cheano_drv.sys

杭州易玩科技有限公司

It runs as a Windows kernel mode device driver named “cheano_drv”.
Publisher:
杭州易玩科技有限公司  (signed and verified)

MD5:
06cbfa0961642614fe045f979f681367

SHA-1:
ed1c43d8649488a086a1a0b39e537c6ad2037f91

SHA-256:
02ffcf29b86aaa319f5d361d45061be0282e80a63e84473e5fcc7a3712992fbe

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
3/9/2025 9:55:03 PM UTC  (today)

File size:
997 KB (1,020,896 bytes)

File type:
Driver (Win32 SYS)

Digital Signature
Signed by:
杭州易玩科技有限公司

Authority:
GlobalSign nv-sa

Valid from:
10/27/2016 3:24:26 PM

Valid to:
10/28/2018 3:24:26 PM

Subject:
CN=杭州易玩科技有限公司, OU=IT Dept., O=杭州易玩科技有限公司, L=杭州, S=浙江, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - G3, O=GlobalSign nv-sa, C=BE

Serial number:
321F9F95A082BB2F44543056

File PE Metadata
Compilation timestamp:
10/29/2016 11:23:21 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

Entry address:
0x2A3D8F

Entry point:
EB, 08, 2B, DF, 0E, 00, 00, 00, 00, 00, E9, C6, 1D, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F0, 1A, 00, 0C, 00, 00, 00, A6, 36, C9, 38, 00, 00, 1B...
 
[+]

Entropy:
7.9395  (probably packed)

Code size:
10.5 KB (10,752 bytes)

Driver
Display name:
cheano_drv

Type:
Kernel device driver (KernelDriver)


Scan cheano_drv.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.