home

sdprotect_x86.sys

Supercool driver-based tool

苏州蜗牛数字科技股份有限公司

Publisher:
<snail>  (signed by 苏州蜗牛数字科技股份有限公司)

Product:
Supercool driver-based tool

Description:
The driver for the supercool driver-based tool

Version:
1.0.0.448

MD5:
faf622f6a5ae45ee4320d3bddaf0cd45

SHA-1:
e3492f111abfb7d4f59f052d28c3262b635011e7

SHA-256:
77d8267dc988b4925795e73817d7af8e04cc3087c5fa06ab873a7581bd81bbf4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/17/2024 5:23:49 PM UTC  (today)

File size:
86.8 KB (88,872 bytes)

Product version:
1.0

Copyright:
Copyright

Original file name:
SDLoader

File type:
Driver (Win32 SYS)

Language:
Language Neutral

Common path:
C:\Program Files\snail games usa\blackgold\bin\sdprotect_x86.sys

Digital Signature
Signed by:
苏州蜗牛数字科技股份有限公司

Authority:
VeriSign, Inc.

Valid from:
8/7/2013 8:00:00 PM

Valid to:
11/7/2014 6:59:59 PM

Subject:
CN=苏州蜗牛数字科技股份有限公司, OU=端游技术中心, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=苏州蜗牛数字科技股份有限公司, L=苏州, S=江苏, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
01FC2B304D2D81BE13E5FD5D8CEB7CF2

File PE Metadata
Compilation timestamp:
3/11/2014 9:37:38 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
1536:CHmXtQEWhYlYxv+lzL2uXfce9LRy+kIF3uualh38RRFtIvN31xARltxp8Cqus:emXoWjXfce9LE+PchsrFGvN7ARltUCNs

Entry address:
0xD03E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 8E, 43, FF, FF, CC, CC, B8, D0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 60, D6, 00, 00, 18, A0, 00, 00, A0, D0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 96, D6, 00, 00, 00, A0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 88, D6, 00, 00, 7A, D6, 00, 00, 00, 00, 00, 00, 9E, D6, 00, 00, AE, D6, 00, 00, 32, 31, 20, 96, 48, D2, 00, 00, 5C, D2...
 
[+]

Entropy:
6.9092

Code size:
38 KB (38,912 bytes)

Scan sdprotect_x86.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.