home

udd6bad.tmp

NoVirusThanks Registry DeleteEx Driver

NoVirusThanks Company Srl

Publisher:
NoVirusThanks Company Srl  (signed and verified)

Product:
NoVirusThanks Registry DeleteEx Driver

Version:
1.0.0.0 built by: WinDDK

MD5:
3dd1ade69cb6a993418782dfdcbf4287

SHA-1:
85f5b00748a1cf55671f1a858f5a9cab50f2a204

SHA-256:
48bbb5bf1cf4ed048947440d3cb60a06bcbddebe856c1a1ed5bfb950841f6fb3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 1:26:18 PM UTC  (today)

File size:
14.1 KB (14,456 bytes)

Product version:
1.0.0.0

Copyright:
NoVirusThanks Company Srl

Original file name:
NVTDelKey.sys

Language:
English (United States)

Common path:
C:\windows\temp\udd6bad.tmp

Digital Signature
Signed by:
NoVirusThanks Company Srl

Authority:
GlobalSign nv-sa

Valid from:
4/2/2015 7:10:21 AM

Valid to:
5/24/2016 11:31:15 AM

Subject:
E=support@novirusthanks.org, CN=NoVirusThanks Company Srl, O=NoVirusThanks Company Srl, L=Castiglione Del Lago, S=Perugia, C=IT

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11215463CF7F7AF3A0EF00D25A13551CE6BC

File PE Metadata
Compilation timestamp:
3/10/2016 6:29:27 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
192:BCHp4DC9l0HMb/3zsktVkUTgBxe1HCjv4pdhhmGZYaPJayw/l0i9ZUdsxxm4XTCa:BCHpF0HMrDs6IKJ7by5T9YkL

Entry address:
0x5064

Entry point:
48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 66, C2, FF, FF, CC, CC, B0, 50, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F6, 51, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 18, 51, 00, 00, 00, 00, 00, 00, 30, 51, 00, 00, 00, 00, 00, 00, 48, 51, 00, 00, 00, 00, 00, 00, 5A, 51, 00, 00, 00, 00, 00, 00, 6E, 51, 00, 00, 00, 00, 00, 00, 78, 51, 00, 00, 00, 00, 00, 00, 8E, 51, 00, 00...
 
[+]

Entropy:
6.2881

Code size:
3.5 KB (3,584 bytes)

Scan udd6bad.tmp - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.