home

wayprotect32.sys

Btra Away Ltda - ME

It runs as a Windows kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
04e36094695688cc6eaf4dabe4b7102a

SHA-1:
7cb1bd554a6f6d4e36da24ade9e7c0c142d781cd

SHA-256:
66c28d7a6ee729e6dd8ab1727bcf46b2dfe9cdb15f1e27dfeea3f8949846613b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 7:41:48 AM UTC  (today)

File size:
748.6 KB (766,536 bytes)

File type:
Driver (Win32 SYS)

Digital Signature
Signed by:
Btra Away Ltda - ME

Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
9/6/2016 12:19:21 PM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
12288:BGs6cOvf56YbmL4SlyinFkw69vA/CSRL68zqwDUXnqJ0JOraMMUNy1LMMD0:BG7cOvo0ro+xnSRL68zqjXnqGwrlMU8w

Entry address:
0x175596

Entry point:
68, 25, 2E, 4F, 55, E8, 13, EC, F6, FF, AF, 17, 80, EA, 1B, A1, E0, 7F, 15, 15, BE, ED, 7E, 15, 94, FF, 7E, 87, EA, 96, EB, 05, 80, EA, C3, 33, 0C, 7F, 15, 27, EC, AE, 80, EA, EB, 47, 3F, 81, EA, 77, 93, 5E, 78, 15, 36, A5, 71, 7D, 15, 52, BB, 50, 87, EA, 0A, 4E, 2B, 81, EA, 4A, 0A, 2F, 81, EA, 1D, 6B, 16, 7F, 15, 5D, A9, 5E, 87, EA, 1B, 6B, 7F, 15, D7, 7C, 12, 7E, 15, 74, ED, A5, 87, EA, 0D, 48, D1, 81, EA, 3F, BE, 75, 80, EA, 2A, CA, 61, 80, EA, 52, 48, 7F, 15, F0, 84, 9A, 80, EA, 11, D7, 81, EA, B6, 38...
 
[+]

Code size:
22.5 KB (23,040 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect32.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.