httpdebuggerdrv.sys

Windows Win 7 DDK driver

Khachatur Petrosyan

It runs as a Windows 64-bit kernel-mode device driver named “HTTPDebuggerDrv”.

Publisher:
Windows (R) Win 7 DDK provider  (signed by Khachatur Petrosyan)

Product:
Windows (R) Win 7 DDK driver

Description:
NetFilter SDK WFP Driver (WPP)

Version:
1.4.6.1

MD5:
6168c127a7e1f4518a98a2cd3b15baa8

SHA-1:
58ef2062cec5fe276dd885d0c85cb28a7158c689

SHA-256:
e4836e7753324ed1481c67bd798ce2754d0addb731fa808bd28050c1912df2d8

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
11/28/2024 9:38:51 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | Riskware.Agent | 7.1.1 |
| Baidu Antivirus | Hacktool.Win64.NetFilter | 4.0.3.1647 |
| ESET NOD32 | Win64/NetFilter.A potentially unsafe application | 8.0.319.0 |

File size:
52.8 KB (54,040 bytes)

Product version:
6.2.9200.16384

Copyright:
Copyright © NetFilterSDK.com

Original file name:
netfilter2.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\httpdebuggerdrv.sys

Digital Signature
Authority:
COMODO CA Limited

Valid from:
10/14/2014 2:00:00 AM

Valid to:
10/15/2015 1:59:59 AM

Subject:
CN=Khachatur Petrosyan, O=Khachatur Petrosyan, STREET="f 138, h 63 str Barrikadnaya", L=Simferopol, S=Crimea, PostalCode=95000, C=UA

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00DDEE8679E36CF736AD05FD1E302B6A80

File PE Metadata
Compilation timestamp:
1/2/2015 5:51:20 PM

OS version:
6.2

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
11.0

CTPH (ssdeep):
768:llvq7cKoAOx/DrUbLwBBMsfujQgDXoQrrP2hk6wq+ZCHt7BDjLb7Q1DQh+1lt:hzVCKPwXoYPKpEqjLbGQAZ

Entry address:
0x8E00

Entry point:
48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8B, DA, 48, 8B, F9, E8, F3, 41, 00, 00, 48, 8B, D3, 48, 8B, CF, 48, 8B, 5C, 24, 30, 48, 83, C4, 20, 5F, E9, 06, DD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, C9, 22, 00, 00, 75, 12, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 03, C2, 00, 00, 48, C1, C9, 10, E9, 08, 00, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, B9, 02, 00, 00, 00, CD, 29, CC, CC, CC, CC, CC, CC, CC, CC, CC, B9, 08, 00, 00, 00, CD, 29, CC...
Entropy:
6.2332

Code size:
37 KB (37,888 bytes)

Driver
Display name:
HTTPDebuggerDrv

Type:
Kernel device driver (KernelDriver)

Group:
PNP_TDI


Scan httpdebuggerdrv.sys - Powered by Reason Core Security