home

pro64.sys

Nimo(Guangzhou)Network Technology Company Limited

It runs as a Windows 64-bit kernel mode device driver named “hx_pro100”.
Publisher:
Nimo(Guangzhou)Network Technology Company Limited  (signed and verified)

MD5:
b09acfd25be274103f292d26eb5ed01f

SHA-1:
ddf9a3d8a45d8087c27ea098f04f9ec720d810c8

SHA-256:
c1b6ef2bfe9d118458a53237c18fa2fa655a98f69d9a372210ae8fbf59741015

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
2/25/2025 10:45:31 AM UTC  (today)

File size:
16.6 KB (17,024 bytes)

File type:
Driver (Win64 SYS)

Digital Signature
Signed by:
Nimo(Guangzhou)Network Technology Company Limited

Authority:
GlobalSign nv-sa

Valid from:
8/25/2015 11:08:42 AM

Valid to:
8/25/2016 11:08:42 AM

Subject:
CN=Nimo(Guangzhou)Network Technology Company Limited, O=Nimo(Guangzhou)Network Technology Company Limited, L=Guangzhou, S=Guandong, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121193184F0D11C253A437DB38B2EA109DD

File PE Metadata
Compilation timestamp:
7/27/2015 4:58:47 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
192:1h6ysDgJKjS6BFazD1hh0mlt8fylfaCBtVkUTgBxe1HCjv4pdhhmG13v+B0Cl0iZ:MDNO8FazDZ0m38fo3XIKJ74aC5QY7

Entry address:
0x7000

Entry point:
48, 89, 54, 24, 10, 48, 89, 4C, 24, 08, 48, 83, EC, 78, 66, C7, 44, 24, 58, 2A, 00, 66, C7, 44, 24, 5A, 2C, 00, 48, 8D, 05, E5, C1, FF, FF, 48, 89, 44, 24, 60, 66, C7, 44, 24, 48, 2C, 00, 66, C7, 44, 24, 4A, 2E, 00, 48, 8D, 05, FB, C1, FF, FF, 48, 89, 44, 24, 50, 48, C7, 44, 24, 68, 00, 00, 00, 00, 48, 8D, 44, 24, 68, 48, 89, 44, 24, 20, 45, 33, C9, 4C, 8D, 44, 24, 48, 48, 8D, 54, 24, 58, 48, 8B, 8C, 24, 80, 00, 00, 00, E8, 91, 9F, FF, FF, 85, C0, 74, 0A, B8, 01, 00, 00, C0, E9, F1, 00, 00, 00, 48, 8B, 44...
 
[+]

Entropy:
6.5449

Code size:
7 KB (7,168 bytes)

Driver
Display name:
hx_pro100

Type:
Kernel device driver (KernelDriver)


Scan pro64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.