home

wayprotect32.sys

WayProtect

Btra Away Ltda - ME

It runs as a Windows kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda  (signed by Btra Away Ltda - ME)

Product:
WayProtect

Description:
WayProtect Driver

Version:
2.0.2

MD5:
5c87f70179600d02605e069cde73b6d4

SHA-1:
33a192b7a5a21d284f888168c9961b67d5badc39

SHA-256:
5bc37c3947f8521767cc824a1057cd48f56a1c01074d7c8df1270c9ed30dbbe0

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/15/2024 9:26:34 AM UTC  (today)

Scan engine
Detection
Engine version

Vba32 AntiVirus
suspected of Malware-Cryptor.General.6
3.12.26.4

File size:
788.7 KB (807,672 bytes)

Product version:
2.0.00

Copyright:
Copyright (C) 2016

Original file name:
wayprotect.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Digital Signature
Signed by:
Btra Away Ltda - ME

Authority:
VeriSign, Inc.

Valid from:
10/21/2016 10:00:00 PM

Valid to:
10/25/2017 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7EE14C250E00CD2D0B5763E48646691C

File PE Metadata
Compilation timestamp:
11/4/2016 1:20:19 PM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
12288:qUiR5x249cxD1Sk2Tj8leKNUrEmnkMSPsv8kbMfYk0aCvdbi3I7PW3z7syiL:qUiI49cxmwTNUrdnzSPIGYkrUdpQo

Entry address:
0x18AEB7

Entry point:
68, 41, A0, AE, 9C, E8, 01, D9, F5, FF, 0F, 83, 21, 00, 00, 00, 3B, C1, 0F, 83, 42, 41, FF, FF, 0F, B6, 38, F9, C1, E6, 08, F7, C5, 7B, 3D, 54, 12, 3B, E4, F5, C1, E2, 08, 0B, F7, 40, C1, D7, 46, D1, EA, 8B, FE, F8, F9, 2B, FA, 3A, C2, C1, EF, 1F, E9, 35, AE, FF, FF, 5B, E9, 5F, 5D, 00, 00, 0F, 87, 5F, 83, FF, FF, 04, 20, E9, 58, 83, FF, FF, 5D, 00, 00, 00, 01, 41, 19, ED, B9, 6E, 03, C5, 58, B5, 4C, 51, AC, 14, AB, 14, F6, 76, FC, 1C, 8B, 29, BB, 68, 70, DF, 92, E2, BE, 17, 07, 4A, 6D, 3D, 49, FD, F0, 61...
 
[+]

Code size:
23 KB (23,552 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect32.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.