» DaShenAudio.sys
Overview
Analysis
File Details
Behaviors (1)

DaShenAudio.sys

DaShen Audio Filter Driver (DaShen Copyright)

KUNSHAN MOYEA SOFTWARE CO.,LTD

It runs as a Windows 64-bit kernel mode device driver named “DaShen Audio Filter Driver (DaShen Copyright)”.

File name:

DaShenAudio.sys

Publisher:

DaShen Development Team (signed by KUNSHAN MOYEA SOFTWARE CO.,LTD)

Product:

DaShen Audio Filter Driver (DaShen Copyright)

Description:

DaShen Virtual Audio Device

Version:

1.0

MD5:

e8e1990ec8374694732fe312d96d6a66

SHA-1:

5b373ad37c59de8747ba90b8bd47755863043e36

SHA-256:

acf6547586a14c319f70ce45e9c13c2dfb238714fe94eb5695f63590da4e53c2

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/24/2024 11:15:25 PM UTC (a few moments ago)

File size:

26.8 KB (27,440 bytes)

Product version:

1.0

Original file name:

DaShenAudio.sys

File type:

Driver (Win64 SYS)

Common path:

C:\Windows\System32\drivers\dashenaudio.sys

Digital Signature

Signed by:

KUNSHAN MOYEA SOFTWARE CO.,LTD

Authority:

GlobalSign nv-sa

Valid from:

5/25/2012 11:47:00 AM

Valid to:

7/31/2013 9:35:40 AM

Subject:

CN="KUNSHAN MOYEA SOFTWARE CO.,LTD", OU=Development Department, O="KUNSHAN MOYEA SOFTWARE CO.,LTD", L=苏州, S=江苏, C=CN

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121D528990816ABCA43A2DD40D0C7DA41B0

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

384:8azhxcrKeZf6AAgsyfYMJ7gR958Rymk+wtH6898W5cXqFKaYHdUb+8:8mqzVgr58Ryt998taFf/i8

Entry point:

8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 98, FF, FF, FF, CC, CC, D0, 70, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 62, 74, 00, 00, 10, 30, 00, 00, C0, 70, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B8, 74, 00, 00, 00, 30, 00, 00, 74, 71, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 9C, 75, 00, 00, B4, 30, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 90, 74, 00, 00, 7C, 74, 00, 00, A4, 74, 00, 00, 00, 00, 00, 00, EE, 71, 00, 00, FE, 71, 00, 00, 0A, 72, 00, 00, 22, 72... 
[+]

Entropy:

6.3052

Driver

Display name:

DaShen Audio Filter Driver (DaShen Copyright)

Service name:

DaShenAudio_simple

Type:

Kernel device driver (KernelDriver)

Scan DaShenAudio.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.