» dem1c76.tmp
Overview
Analysis
File Details
Behaviors (1)

dem1c76.tmp

EslWireACD

Turtle Entertainment GmbH

It runs as a Windows 64-bit kernel mode device driver named “ESLWireAC”.

File name:

dem1c76.tmp

Publisher:

<Turtle Entertainment> (signed by Turtle Entertainment GmbH)

Product:

EslWireACD

Version:

1.0.0.6193

MD5:

0aec4ffbca7ec2bccabc10d0663a1143

SHA-1:

f1c3460c2ffaa6003051799db2a182a98e7c8eee

SHA-256:

a617f6813e9cee37aecfbb724f6b80750041badea1fc6d13d5fc6912b896fc47

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

2/25/2025 11:04:03 PM UTC (a few moments ago)

File size:

103.1 KB (105,608 bytes)

Product version:

1.0

Original file name:

EslWireACD

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\dem1c76.tmp

Digital Signature

Signed by:

Turtle Entertainment GmbH

Authority:

GlobalSign nv-sa

Valid from:

12/12/2014 2:53:35 PM

Valid to:

1/26/2018 11:17:59 AM

Subject:

CN=Turtle Entertainment GmbH, O=Turtle Entertainment GmbH, L=Cologne, S=NRW, C=DE

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121A1E8F7E6944C92C7CA61440EFF3F250E

File PE Metadata

Compilation timestamp:

2/16/2017 10:49:43 AM

OS version:

6.2

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

11.0

Entry address:

0x57322

Entry point:

E9, 3D, 5F, 00, 00, 3C, 09, E9, 52, 94, 00, 00, 80, 3F, 23, E9, B3, 77, 00, 00, 0F, 83, 4E, BD, 00, 00, 88, D0, FE, C8, B3, 02, 0F, 9A, C0, 28, D0, 83, C1, 01, 88, F8, F6, D0, B0, 10, E9, 91, 8D, 00, 00, 0F, 84, 49, 2F, 00, 00, E9, D2, C8, 00, 00, D3, 3F, EB, FB, C9, 55, 43, 39, 9A, 2C, 5B, A7, CB, 2F, 03, EF, 53, 4F, B3, C7, 12, E0, 65, 5D, 16, 18, 13, 87, EC, 36, B8, 86, ED, F9, FA, AC, 9B, F7, BB, 1F, D3, 0F, F9, FF, E0, 22, AB, 69, 07, 2F, FB, A5, 97, AF, 69, F9, 70, 54, 42, 34, FA, 04, B7, 51, CE, E5... 
[+]

Packer / compiler:

Xtreme-Protector v1.05

Code size:

19 KB (19,456 bytes)

Driver

Display name:

ESLWireAC

Type:

Kernel device driver (KernelDriver)

Scan dem1c76.tmp - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.