home

wayprotect32.sys

Btra Away Ltda - ME

It runs as a Windows kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
700c035ba0105e298b0f9c96f153033a

SHA-1:
674afb798d012808d105a1fc7da3dc6066aa7424

SHA-256:
3d00d74bfafe9ca55c28bd9d0894355ac66bbb1d05fb2e15404e36889e108a0e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 8:30:57 AM UTC  (today)

File size:
762.1 KB (780,368 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\Program Files\muaway\wayprotect32.sys

Digital Signature
Signed by:
Btra Away Ltda - ME

Authority:
VeriSign, Inc.

Valid from:
10/15/2015 9:00:00 PM

Valid to:
10/15/2016 8:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4D0F8404A5DEDB2EFC28EF44D3A50F93

File PE Metadata
Compilation timestamp:
9/13/2016 1:39:55 PM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
12288:s2OYn1iduALiC5w1A50golU0Y1SlNlSOVC0fW0YI2Qydi7dKhz/kb8oxHPf6lrZA:cYndCuRgolU0YEP8OB+0vai6c8oxX4A

Entry address:
0xEFDA9

Entry point:
68, 54, BF, 13, 3F, E8, DF, 94, FF, FF, 0B, F7, 66, F7, D7, FF, 45, FC, 66, 0F, B3, E7, 8B, F8, F9, F8, F5, C1, EF, 0B, 0F, AF, FA, 3B, F7, 0F, 83, 3B, F2, 00, 00, 8B, C7, BF, 00, 08, 00, 00, 66, F7, C7, CA, 56, E9, 41, 9D, 00, 00, 2B, C7, 80, FD, BF, 2B, F7, 66, 81, F7, C3, 6B, 66, 81, E7, D7, 53, 8B, FA, C1, EF, 05, 2B, D7, 66, 33, FF, 8B, 7D, E4, 66, 81, FC, 3D, 2B, 3B, D5, F8, 66, 89, 94, 0F, 44, 06, 00, 00, 66, 99, 8D, 57, 01, F9, 83, CB, 04, 89, 55, E4, 66, 85, E6, 3A, C4, 0F, B7, 94, 51, 44, 06, 00...
 
[+]

Code size:
22 KB (22,528 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect32.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.