mkliosjd.sys

湖南蓝途方鼎科技有限公司

It runs as a Windows kernel-mode device driver named “mkliosjd”.

Publisher:
湖南蓝途方鼎科技有限公司  (signed and verified)

MD5:
d650733a45e9be63563f0d280edcf594

SHA-1:
6c1d6bf9493f8cea19fe9c76d1d6ad4ea145bbf1

SHA-256:
6f6c0db8b9e5e94b3f3316fb956509c7273c6a4f3fe53d994196616e8defed6e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 7:26:54 AM UTC

File size:
9.6 KB (9,880 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\Program Files\siopmcd\mkliosjd.sys

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
4/1/2015 12:00:00 PM

Valid to:
5/1/2016 11:59:59 AM

Subject:
CN=湖南蓝途方鼎科技有限公司, O=湖南蓝途方鼎科技有限公司, L=长沙市, S=湖南省, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2AC01DE88063BADB080008853FDD8C6C

File PE Metadata
Compilation timestamp:
6/5/2016 4:16:25 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
192:zimBHkOnXTr2V9ShJjtlAur9ZCspE+TMDQr7:XdLm2UHeMDi

Entry address:
0x103E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, E2, F6, FF, FF, CC, CC, 78, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 78, 11, 00, 00, 80, 08, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, A8, 10, 00, 00, BE, 10, 00, 00, D2, 10, 00, 00, EE, 10, 00, 00, 00, 11, 00, 00, 18, 11, 00, 00, 22, 11, 00, 00, 2E, 11, 00, 00, 40, 11, 00, 00, 58, 11, 00, 00, 6A, 11, 00, 00, 00, 00, 00, 00, E3, 01, 49, 6F, 66, 43, 6F, 6D, 70, 6C, 65, 74, 65, 52, 65, 71, 75, 65, 73, 74, 00, 00...
 

Entropy:
5.9389

Code size:
1.5 KB (1,536 bytes)

Driver
Display name:
mkliosjd

Type:
Kernel device driver (KernelDriver)

