home

ndisah.sys

Antamedia HotSpot Software

Antamedia Beograd MDOO

It runs as a Windows kernel mode device driver named “Antamedia HotSpot LightWeight Filter”.
Publisher:
Antamedia mdoo  (signed by Antamedia Beograd MDOO)

Product:
Antamedia HotSpot Software

Description:
NDISAH helper driver

Version:
3.2.7.1

MD5:
b942282d770d7c6dc4b2c411cdab8af1

SHA-1:
62e2a9bcc85f15c33ffe82a0c8c6c5827d5e64dd

SHA-256:
75569613a2df8f0c3c0efffb7cbe44517fe1554aa401cb3c838d8d280762811a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 11:22:28 PM UTC  (a few moments ago)

File size:
38.3 KB (39,176 bytes)

Product version:
3.2.7.1

Copyright:
Copyright Antamedia mdoo© 2016

Trademarks:
WinpkFilter

Original file name:
ndisah.sys

File type:
Driver (Win32 SYS)

Language:
Language Neutral

Common path:
C:\Windows\System32\drivers\ndisah.sys

Digital Signature
Signed by:
Antamedia Beograd MDOO

Authority:
DigiCert Inc

Valid from:
6/2/2016 3:00:00 AM

Valid to:
6/7/2017 3:00:00 PM

Subject:
CN=Antamedia Beograd MDOO, O=Antamedia Beograd MDOO, L=Belgrade, C=RS

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0AB1F81D927F9919674D14A783D4D678

File PE Metadata
Compilation timestamp:
6/10/2016 5:51:13 PM

OS version:
6.2

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
11.0

Entry address:
0x5376

Entry point:
8B, FF, 55, 8B, EC, E8, 6A, 41, 00, 00, 5D, E9, 94, 3D, 00, 00, CC, CC, CC, CC, CC, CC, 3B, 0D, 28, 80, 40, 00, 75, 03, C2, 00, 00, E9, 06, 00, 00, 00, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 51, 89, 4D, FC, 6A, 02, 59, CD, 29, CC, CC, CC, CC, CC, CC, FF, 25, C4, 70, 40, 00, CC, CC, CC, CC, CC, CC, CC, CC, 68, 30, 54, 40, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 28, 80, 40, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7...
 
[+]

Entropy:
6.6623

Code size:
24 KB (24,576 bytes)

Driver
Display name:
Antamedia HotSpot LightWeight Filter

Service name:
NDISAH

Description:
@oem24.inf,%ndisah_Desc%;Antamedia HotSpot LightWeight Filter

Type:
Kernel device driver (KernelDriver)

Group:
NDIS


Scan ndisah.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.