rspwhy32.sys

WhySoSlow

Daniel Terhell

Publisher:
Resplendence Software Projects Sp.  (signed by Daniel Terhell)

Product:
WhySoSlow

Description:
Resplendence WhySoSlow Monitoring Driver

Version:
1.00 built by: WinDDK

MD5:
0eacf72f3b53273a40b067d2d61286a6

SHA-1:
d7ceffd049a6e226c7a144a4a8fb0505ce9eb658

SHA-256:
b79357405f428da5a7f381f00235deeac602675cb3ca2750270a73d8e848a156

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 12:48:06 PM UTC  (today)

File size:
28.8 KB (29,456 bytes)

Product version:
1.00

Copyright:
Copyright (c)1997-2015 Resplendence Software Projects Sp.

Original file name:
rspWhy.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\whysoslow\rspwhy32.sys

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/26/2014 2:00:00 AM

Valid to:
5/27/2019 1:59:59 AM

Subject:
CN=Daniel Terhell, O=Daniel Terhell, STREET=Via Hanoi 3, L=Baricella, S=Bologna, PostalCode=40052, C=IT

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
37535DB27CD81B479E3DB1E4E16A30E7

File PE Metadata
Compilation timestamp:
6/8/2016 2:01:19 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
384:EYou0xppmLhdB1P05neQElNHKZYgAA6HStbO/mIYh2Zh30tOI5OrlpDCKtFFUGE4:NeICr5tC/mDe8s5BrtvJ+ehjYd7AiS

Entry address:
0x70A6

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 08, B9, FF, FF, CC, CC, 44, 71, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 62, 74, 00, 00, 3C, 40, 00, 00, 28, 71, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, FC, 74, 00, 00, 20, 40, 00, 00, 08, 71, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, BE, 75, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 86, 75, 00, 00, 68, 75, 00, 00, 4C, 75, 00, 00, 30, 75, 00, 00, 1A, 75, 00, 00, 04, 75, 00, 00, AA, 75, 00, 00, 00, 00...
 
[+]

Code size:
13.5 KB (13,824 bytes)

Scan rspwhy32.sys - Powered by Reason Core Security