msijqxfm.sys

湖南蓝途方鼎科技有限公司

It runs as a Windows kernel mode device driver named “msijqxfm”.
Publisher:
湖南蓝途方鼎科技有限公司  (signed and verified)

MD5:
f0e6fa6cffe930a6f38a766025f616e4

SHA-1:
4e34ffbb79148ad83290dfae5123f0724d8959c8

SHA-256:
263ebe7a3e15696d185fc248966933703ae0b48bb3caed8c10a1ba3249841ef1

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/29/2024 12:36:46 AM UTC

Scan engine | Detection | Engine version
ESET NOD32 | Win32/Adware.Agent.NQL application | 6.3.12010.0
F-Prot | W32/Dropper.6!Generic | 4.6.5.141

File size:
211.1 KB (216,216 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\msijqxfm.sys

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
4/2/2015 3:00:00 AM

Valid to:
5/2/2016 2:59:59 AM

Subject:
CN=湖南蓝途方鼎科技有限公司, O=湖南蓝途方鼎科技有限公司, L=长沙市, S=湖南省, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2AC01DE88063BADB080008853FDD8C6C

File PE Metadata
Compilation timestamp:
6/6/2016 7:16:06 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
6144:7RN5LLmLveO6++yw0t743bMOaBztvCBDErP:7BmLH6++s74bMOqztvoDyP

Entry address:
0x31D3E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, E2, E7, FC, FF, CC, CC, 9C, 1D, 03, 00, 00, 00, 00, 00, 00, 00, 00, 00, D8, 20, 03, 00, 90, 72, 02, 00, 8C, 1D, 03, 00, 00, 00, 00, 00, 00, 00, 00, 00, 0E, 21, 03, 00, 80, 72, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, DA, 27, 03, 00, FA, 20, 03, 00, E6, 20, 03, 00, 00, 00, 00, 00, AA, 1F, 03, 00, C2, 1F, 03, 00, D4, 1F, 03, 00, E8, 1F, 03, 00, F2, 1F, 03, 00, 0A, 20, 03, 00, 14, 20, 03, 00, 2C, 20, 03, 00, 3E, 20...
 

Entropy:
6.6488

Code size:
158.4 KB (162,176 bytes)

Driver
Display name:
msijqxfm

Type:
Kernel device driver (KernelDriver)


Scan msijqxfm.sys - Powered by Reason Core Security