» ed276eef.sys
Overview
Analysis
File Details
Behaviors (1)

ed276eef.sys

SOFTWARE CENTER INFORMATICA LTDA - ME

The file ed276eef.sys by SOFTWARE CENTER INFORMATICAA - ME has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a Windows 64-bit kernel mode device driver named “{EEE9D9BE-EA8E-5861-8EEA-71588EEA6158}”.

File name:

ed276eef.sys

Publisher:

SOFTWARE CENTER INFORMATICA LTDA - ME (signed and verified)

MD5:

da2f86bc9a36c9a306e11c54d799d69d

SHA-1:

a05faab597f97f739e0f836283603b8c33b27814

SHA-256:

d24c0577674713dc586d1abad8779ef78ca70b49499500a7cfcc662f1ad6385a

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

2/25/2025 3:50:20 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.SOFTWARECENTERINFORMATICAAME (M)

15.10.10.16

File size:

12.3 KB (12,616 bytes)

File type:

Driver (Win64 SYS)

Common path:

C:\Windows\System32\ed276eef.sys

Digital Signature

Signed by:

SOFTWARE CENTER INFORMATICA LTDA - ME

Authority:

GlobalSign nv-sa

Valid from:

7/7/2015 1:53:38 PM

Valid to:

4/24/2016 2:34:16 PM

Subject:

CN=SOFTWARE CENTER INFORMATICA LTDA - ME, OU=TI, O=SOFTWARE CENTER INFORMATICA LTDA - ME, L=JUQUITIBA, S=SAO PAULO, C=BR

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

112139F30B0CE5D80DD72A4163DFD0E9456A

File PE Metadata

Compilation timestamp:

7/7/2015 2:21:32 PM

OS version:

6.3

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

12.0

CTPH (ssdeep):

192:99vF+lW0uzwmjISrtVkUTgBxe1HCjv4pdhhmGRE8l0ipyCsxxmU/ky:fcgP8ERIKJ7ZE85pMYc

Entry address:

0x13CC

Entry point:

48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8B, DA, 48, 8B, F9, E8, 1F, 3C, 00, 00, 48, 8B, D3, 48, 8B, CF, 48, 8B, 5C, 24, 30, 48, 83, C4, 20, 5F, E9, A6, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, F9, 1C, 00, 00, 75, 10, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 01, C3, 48, C1, C9, 10, E9, 02, 00, 00, 00, CC, CC, B9, 02, 00, 00, 00, CD, 29, CC, 48, 83, EC, 28, 4D, 8B, 41, 38, 48, 8B, CA, 49, 8B, D1, E8, 0D, 00, 00, 00, B8... 
[+]

Code size:

2 KB (2,048 bytes)

Driver

Display name:

{EEE9D9BE-EA8E-5861-8EEA-71588EEA6158}

Type:

Kernel device driver (KernelDriver)

Remove ed276eef.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.