home

ndisah.sys

Antamedia HotSpot Software

Antamedia Beograd MDOO

It runs as a Windows kernel mode device driver named “Antamedia HotSpot LightWeight Filter”.
Publisher:
Antamedia mdoo  (signed by Antamedia Beograd MDOO)

Product:
Antamedia HotSpot Software

Description:
NDISAH helper driver

Version:
3.2.4.2

MD5:
0424c0bac6e3778d0e235987a5a7777d

SHA-1:
24dda8eefd8df3ad0fa483f18c532efbc3947aa8

SHA-256:
54a64da630f4877f1a7da515769dc4db3604872276fc86bb5f22586a0266d927

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 8:47:53 PM UTC  (today)

File size:
45.3 KB (46,368 bytes)

Product version:
3.2.4.1

Copyright:
Copyright Antamedia mdoo© 2015

Trademarks:
WinpkFilter

Original file name:
ndisah.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\ndisah.sys

Digital Signature
Signed by:
Antamedia Beograd MDOO

Authority:
DigiCert Inc

Valid from:
8/25/2015 3:00:00 AM

Valid to:
8/29/2018 3:00:00 PM

Subject:
CN=Antamedia Beograd MDOO, O=Antamedia Beograd MDOO, L=Belgrade, C=RS, PostalCode=11000, STREET=Nebojsina 30, SERIALNUMBER=17478559, OID.1.3.6.1.4.1.311.60.2.1.3=RS, OID.2.5.4.15=Private Organization

Issuer:
CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0D53C9F474913B87F4873481B74CBA3C

File PE Metadata
Compilation timestamp:
8/21/2015 10:08:27 AM

OS version:
6.2

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
11.0

CTPH (ssdeep):
768:hH+3Vf81Oifznk8Zbx9NaKsBvbwYDQIkwPKgZkT3FfvU2y:axiLnjV9NGDQIk6oTat

Entry address:
0x5188

Entry point:
8B, FF, 55, 8B, EC, E8, 58, 33, 00, 00, 5D, E9, 82, 2F, 00, 00, CC, CC, CC, CC, CC, CC, 3B, 0D, 28, 70, 40, 00, 75, 03, C2, 00, 00, E9, 06, 00, 00, 00, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 51, 89, 4D, FC, 6A, 02, 59, CD, 29, CC, CC, CC, CC, CC, CC, FF, 25, C4, 60, 40, 00, CC, CC, CC, CC, CC, CC, 68, 40, 52, 40, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 28, 70, 40, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC...
 
[+]

Entropy:
6.9024

Code size:
23.5 KB (24,064 bytes)

Driver
Display name:
Antamedia HotSpot LightWeight Filter

Service name:
ndisah

Description:
@oem20.inf,%ndisah_Desc%;Antamedia HotSpot LightWeight Filter

Type:
Kernel device driver (KernelDriver)

Group:
NDIS


Scan ndisah.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.