home

wayprotect32.sys

Btra Away Ltda - ME

It runs as a Windows kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
2e7e86a11ae46fbbda96ab6b187eefbd

SHA-1:
b6ebb4c7e625c5b6ff7b159ca56dd97f04e5f96c

SHA-256:
4109c455a386d5aa6215a079472120a9e4405d5e763abe3d3505bf21a6946666

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 7:17:38 AM UTC  (today)

File size:
769.6 KB (788,040 bytes)

File type:
Driver (Win32 SYS)

Digital Signature
Signed by:
Btra Away Ltda - ME

Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
9/28/2016 11:02:06 AM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
24576:Z5uzzMYqoUuzLcXXbfimrzyEU8JrOiUhUQ3:ZszQanObimv7U8Jr7Hq

Entry address:
0x18E96F

Entry point:
68, 1C, F6, 24, E7, E8, 9E, 1E, F6, FF, 66, 81, EA, F4, 66, 66, D3, E2, 89, 7D, D8, F5, 0F, BA, E1, 5E, BA, 01, 00, 00, 00, 90, 66, 0F, A4, C9, 30, 66, C1, F9, 25, 80, C9, AD, 0F, B7, 0C, 57, F7, C7, 1E, 04, 34, 56, 3D, 00, 00, 00, 01, 0F, 83, 25, 00, 00, 00, 8B, 7D, FC, 0F, B6, 3F, 3D, 60, 6F, 6C, 58, C1, E6, 08, 66, 85, DC, C1, E0, 08, 85, C7, F5, 0B, F7, 0F, BF, FB, 0F, B7, FD, FF, 45, FC, C1, F7, 15, 8B, F8, 66, F7, C6, 9E, 01, C1, EF, 0B, F9, 66, 81, FC, 4B, 61, 0F, AF, F9, 85, D6, 3B, F7, E9, 26, 7F...
 
[+]

Code size:
22.5 KB (23,040 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect32.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.