home

ndisah.sys

Antamedia HotSpot Software

Antamedia Beograd MDOO

It runs as a Windows kernel mode device driver named “Antamedia HotSpot Service”.
Publisher:
Antamedia mdoo  (signed by Antamedia Beograd MDOO)

Product:
Antamedia HotSpot Software

Description:
NDISAH helper driver

Version:
3.2.7.1

MD5:
afb00f5714d1f6ea2d406adefafff6c7

SHA-1:
b47c8548b09312c22370c1192e0df2bd6cae0b41

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/6/2025 1:12:46 AM UTC  (today)

File size:
33.5 KB (34,296 bytes)

Product version:
3.2.7.1

Copyright:
Copyright Antamedia mdoo© 2016

Trademarks:
WinpkFilter

Original file name:
ndisah.sys

File type:
Driver (Win32 SYS)

Language:
Language Neutral

Common path:
C:\Windows\System32\drivers\ndisah.sys

Digital Signature
Signed by:
Antamedia Beograd MDOO

Authority:
DigiCert Inc

Valid from:
6/2/2016 5:30:00 AM

Valid to:
6/7/2017 5:30:00 PM

Subject:
CN=Antamedia Beograd MDOO, O=Antamedia Beograd MDOO, L=Belgrade, C=RS

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0AB1F81D927F9919674D14A783D4D678

File PE Metadata
Compilation timestamp:
6/10/2016 8:21:47 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

Entry address:
0x8304

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, F2, FC, FF, FF, 53, 00, 74, 00, 61, 00, 72, 00, 74, 00, 75, 00, 70, 00, 4D, 00, 6F, 00, 64, 00, 65, 00, 00, 00, 4D, 00, 54, 00, 55, 00, 44, 00, 65, 00, 63, 00, 72, 00, 65, 00, 6D, 00, 65, 00, 6E, 00, 74, 00, 00, 00, 50, 00, 61, 00, 72, 00, 61, 00, 6D, 00, 65, 00, 74, 00, 65, 00, 72, 00, 73, 00, 00, 00, 4E, 00, 44, 00, 49, 00, 53, 00, 41, 00, 48, 00, 00, 00, CC, CC, 78, 84, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 14, 86, 00, 00, BC, 60, 00, 00, BC, 83, 00, 00...
 
[+]

Entropy:
6.3313

Code size:
20.5 KB (20,992 bytes)

Driver
Display name:
Antamedia HotSpot Service

Service name:
NDISAH

Type:
Kernel device driver (KernelDriver)


Scan ndisah.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.