narcpi_wfp.sys

ContentWatch

It runs as a Windows 64-bit kernel mode device driver named “narcpi_wfp”.
Publisher:
ContentWatch  (signed and verified)

MD5:
e2ea94c3a48a503b0258885ec2c1c284

SHA-1:
cc69102c135c5da6da24e9fda8992055278e6d36

SHA-256:
113e0a5f3f16268ab22e932a805c518786ec21cade2074169cd6bfacc5ebe4fe

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 2:30:28 PM UTC  (today)

File size:
41.3 KB (42,288 bytes)

File type:
Driver (Win64 SYS)

Common path:
C:\Windows\System32\drivers\narcpi_wfp.sys

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
7/21/2015 5:24:01 AM

Valid to:
9/2/2018 7:35:24 AM

Subject:
CN=ContentWatch, O=ContentWatch, L=Midvale, S=Utah, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112108462DFB703E103BFE642A73AB3D06E5

File PE Metadata
Compilation timestamp:
8/14/2015 4:05:44 AM

OS version:
6.2

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
11.0

Entry address:
0x44C4

Entry point:
48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8B, DA, 48, 8B, F9, E8, 2F, 4B, 00, 00, 48, 8B, D3, 48, 8B, CF, 48, 8B, 5C, 24, 30, 48, 83, C4, 20, 5F, E9, 26, CF, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, 19, 2B, 00, 00, 75, 12, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 03, C2, 00, 00, 48, C1, C9, 10, E9, 08, 00, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, B9, 02, 00, 00, 00, CD, 29, CC, CC, CC, CC, CC, CC, CC, FF, 25, 6C, 1C, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC...
 
[+]

Entropy:
6.7003

Code size:
19.5 KB (19,968 bytes)

Driver
Display name:
narcpi_wfp

Description:
NARC Packet Informant (WFP)

Type:
Kernel device driver (KernelDriver)


Scan narcpi_wfp.sys - Powered by Reason Core Security