home

wayprotect32.sys

Btra Away Ltda - ME

It runs as a Windows kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
c9afe3827fbe1c35fba932202e3cf282

SHA-1:
3821978b458a0d7bed2436179f76454c14c3c9a7

SHA-256:
9495c3787b688deef1eef1a4988588a98f14e0133c1e7191726c9ffbfc31cc90

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 7:30:06 AM UTC  (today)

File size:
738.1 KB (755,784 bytes)

File type:
Driver (Win32 SYS)

Digital Signature
Signed by:
Btra Away Ltda - ME

Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
9/22/2016 3:04:35 PM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
12288:BU5Fg2bs8ZOdj5qIXnEi8f8i7qojb3rg20zo2TVDm6o/T5/VH+ZK3Up5WGeq:BUq8WjFEi8fTZV2T8L/T59HfUCGeq

Entry address:
0x17F083

Entry point:
68, FD, 5F, 19, FB, E8, 2A, 10, F6, FF, 8B, 4E, 08, 0F, CA, 89, 4D, F4, 66, 99, 8B, 55, FC, 66, 0F, 43, C5, 6A, 00, 98, E9, AD, 59, F6, FF, 00, 00, 50, 73, 47, 65, 74, 50, 72, 6F, 63, 65, 73, 73, 49, 6D, 61, 67, 65, 46, 69, 6C, 65, 4E, 61, 6D, 65, 00, 66, 89, 3C, 0B, E9, 91, DA, FF, FF, 00, 00, 00, 52, 74, 6C, 46, 72, 65, 65, 55, 6E, 69, 63, 6F, 64, 65, 53, 74, 72, 69, 6E, 67, 00, E9, 86, D5, FF, FF, 50, 6A, 00, E9, B5, BF, FF, FF, 0F, 85, 60, BE, F6, FF, 53, 86, FB, 66, 0F, 4D, DE, 8B, 5D, 14, 66, 8B, C5...
 
[+]

Code size:
22.5 KB (23,040 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect32.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.