home

wayprotect32.sys

Btra Away Ltda - ME

It runs as a Windows kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
1c263416c4b5feac6e6445fbcd0661ff

SHA-1:
5616c437a4775d49e50af9151f456f336036e593

SHA-256:
dcc6025bf575a87aa5b2bba30ff6990f63964f1542c6302eecb1bc404e9b272f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 8:01:43 AM UTC  (today)

File size:
782.6 KB (801,352 bytes)

File type:
Driver (Win32 SYS)

Digital Signature
Signed by:
Btra Away Ltda - ME

Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
9/30/2016 12:21:35 PM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
24576:tjz4/QfV4xq6DUS+6s0/iKGgmyIfvY6wLJo1:tjz4/qV4BUS+6Iko1

Entry address:
0x19B1D6

Entry point:
68, D2, 3B, BD, 40, E8, E9, 49, F5, FF, A7, F7, 94, 49, 49, 70, BB, 94, 49, 76, 47, 55, 6B, 76, 35, 10, 70, 6B, 76, EF, 53, 2A, 94, 49, A0, 21, 0D, 6B, F6, 45, 62, 30, 6B, 76, 72, BC, 41, 6B, 36, 1B, A3, D0, 94, 89, A4, 2C, C4, 94, 49, 23, 32, 70, 6B, F6, 97, 09, 5B, 94, 89, F8, 7D, A6, FF, 86, D2, 6B, B6, F0, 05, E0, 6B, F6, AC, 73, 5F, 94, 09, 1B, 43, 94, C9, B5, A1, 3D, 94, 09, 5F, C1, 6B, B6, 7A, 77, 29, 94, 09, 3C, C2, 59, 00, 50, 48, 94, C9, 87, 12, 05, 6B, 76, 29, 68, 6B, 76, 9E, F3, 8D, 94, 89, 2D...
 
[+]

Code size:
22.5 KB (23,040 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect32.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.