home

wayprotect32.sys

Btra Away Ltda - ME

It runs as a Windows kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
fefd792129a691f59f50f1fb91a7fcde

SHA-1:
38f2511622394b32c229ed36b381ffa2fe32e172

SHA-256:
9d60930bdf6d4fd6fcea2027bd0908f8c07a1200b1163d4ee82c2aea2d485f3b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 8:00:48 AM UTC  (today)

File size:
775.6 KB (794,184 bytes)

File type:
Driver (Win32 SYS)

Digital Signature
Signed by:
Btra Away Ltda - ME

Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
9/16/2016 11:51:08 AM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
12288:yHzU3o6M4q47RtHE4sgSYBjCGt8iA821RWYAabm+cFQhwC0royjtbS:yg3o6Rq47R9E+TpCc8V82eYby5ljY

Entry address:
0x18F323

Entry point:
68, 01, 4F, 06, 88, E8, 65, 0D, F6, FF, 0F, 85, 4B, 10, F7, FF, 83, FF, 14, E9, 22, E9, F6, FF, E9, 1E, 73, 00, 00, 8B, 45, 14, 0F, BB, DB, C0, FA, B2, 01, 38, C1, D2, EF, 0F, 46, F5, 8B, 55, 1C, 0F, A4, C3, 54, 66, C1, EE, B5, 66, C1, E7, 1B, 5F, E9, 4E, E3, F6, FF, C0, 59, A7, FE, BD, 86, 17, A7, FE, EF, 0F, 02, A7, FF, 4C, A7, 4E, 58, 01, C2, 70, 37, 58, 01, 2F, 76, F6, 58, 00, 27, 51, 5D, A7, FF, 3E, 8A, 9C, 58, 00, C1, 3F, 30, A7, FE, 44, 22, 08, A7, FE, 6D, 7D, BB, A7, FF, 26, B8, 11, 58, 00, D5, 87...
 
[+]

Packer / compiler:
ASProtect v1.2

Code size:
22.5 KB (23,040 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect32.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.