home

wayprotect32.sys

Btra Away Ltda - ME

It runs as a Windows kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
6d08e9e407c42e6d2ba6080f6bb24507

SHA-1:
a565c8f27465f876787ccea13edb245936d12180

SHA-256:
59c117b9346a0d27356d8ddf0e01ca78f385dbeca1741410d882c0407dea4b10

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 7:40:54 AM UTC  (today)

File size:
747.1 KB (765,000 bytes)

File type:
Driver (Win32 SYS)

Digital Signature
Signed by:
Btra Away Ltda - ME

Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
9/12/2016 9:15:27 PM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
12288:ewTBrUbnq7xBqj44+KOha51RyswzDZDxXCBJ4QauC8qdIWMHuzub9Rh76A03SBcD:eKBrP7xBHKOha5PFwD6BJ4gC8qdI/Hu3

Entry address:
0xEC232

Entry point:
68, 8F, EF, 50, 2D, E8, AE, AC, FF, FF, 8B, 45, FC, 66, 0F, A3, F3, 66, 0F, BA, E3, 5F, C0, C3, 8D, 8B, 18, F8, 2B, FF, E9, AA, 32, 00, 00, 6A, 0B, E9, 0D, BF, 00, 00, 9C, 29, 60, 6E, 51, 8D, C5, 9F, 11, 11, 0D, B4, 9F, 91, E0, 67, 56, 60, 6E, EB, 7D, 17, 60, EE, 07, A3, 14, 60, 6E, D2, E1, F3, 60, EE, B0, C2, 43, 9F, 11, 90, DD, 94, 9E, 11, E6, 89, AC, 9F, 91, C9, 2D, 41, 60, 6E, 88, B0, EE, 9F, 91, 37, 90, 92, A7, 9F, 91, A0, 76, 63, 60, 6E, 46, 31, 60, EE, DF, 60, 48, 9E, 91, 52, E1, F3, 17, 14, DA, 9F...
 
[+]

Code size:
22.5 KB (23,040 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect32.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.