wayprotect32.sys

Btra Away Ltda - ME

It runs as a Windows kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
6cf4dcc57dde34aca26205143b5fdf35

SHA-1:
59a12aa6af8a80abcf79f5d435b993ce34a61846

SHA-256:
aa7d2f56bcf6f0899a7585ce901552957b2e37f686afb113637895c9225bda24

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 11:01:27 AM UTC  (today)

File size:
754.6 KB (772,688 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\Program Files\muaway\wayprotect32.sys

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
10/15/2015 9:00:00 PM

Valid to:
10/15/2016 8:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4D0F8404A5DEDB2EFC28EF44D3A50F93

File PE Metadata
Compilation timestamp:
9/21/2016 3:27:23 PM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
12288:fjULltu6CnZoYi/gG8HjMfD6L5zeWKtM+dgwQT+ftPpRYWM2f1RrwXrTo//zPu1s:foa6CVi0MfDq5zeWKtn/Qw3RDAno/zl

Entry address:
0x17E697

Entry point:
68, E1, 69, 07, EF, E8, CC, A0, F6, FF, CA, 0B, 57, 00, FD, D8, 4E, A8, 80, DD, 42, 12, A8, 40, 54, 65, EB, A8, 7E, 6D, 2C, 0D, 57, BF, 72, 48, 37, 57, 01, 7F, 8F, 36, A8, 40, 00, 9D, 18, A8, FE, D9, 4F, F3, 57, 41, 99, A7, 0A, A8, BE, 55, 84, E3, 57, C1, 23, EA, 29, A8, BE, 57, 61, 5B, 57, 7F, A5, C5, F2, 57, 41, BB, 09, 68, A8, C0, 05, 7A, A8, 7E, 75, EA, CC, 57, BF, F0, F9, BC, 57, 81, 85, 9E, 4C, A8, 7E, AC, A2, 9B, 57, 81, 91, 24, 55, A8, FE, 90, AB, A8, FF, C8, 00, D1, 57, 7F, 39, 69, 57, 41, 38, FD...
 
[+]

Code size:
22 KB (22,528 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect32.sys - Powered by Reason Core Security