home

wayprotect32.sys

Btra Away Ltda - ME

It runs as a Windows kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
7900fa9ea2d27acacaaa4cdd13c1c539

SHA-1:
cd09e7b7b6ea0e8a44a2fe4efd3d189ea4d9c596

SHA-256:
5219a9f407f351e2c14018c95700d7c888ae6dfc5d61d801914b6600ba064145

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 7:43:06 AM UTC  (today)

File size:
758.6 KB (776,776 bytes)

File type:
Driver (Win32 SYS)

Digital Signature
Signed by:
Btra Away Ltda - ME

Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
8/19/2016 4:45:48 PM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
12288:KMsrGjkCszmLEID9FjuP+UXbQgSsmyvdn/M9xgtXBe2J75qDD21NMu6bnpPE//Oc:+nmYw3UEWVn1Be2J4C1N4PE3Ot2

Entry address:
0x1930EF

Entry point:
68, 5A, 04, DA, 5C, E8, AC, 7C, F5, FF, FF, D6, 85, C0, E9, A8, 70, FF, FF, 3F, F5, 60, 64, 5A, AF, 55, 62, 64, 2F, 6D, 4C, 9F, 9B, 18, 27, 42, 9D, 9B, 27, DD, CB, 63, 64, 08, 3A, 67, 67, 64, 3E, C7, 1F, 9E, 9B, A6, 60, 83, 9B, 9B, DC, 4B, 21, 9D, 9B, 4B, B6, 20, 9D, 9B, BE, 13, A8, 9D, 9B, 93, A7, 50, 61, 64, BA, 10, C1, 9F, 9B, DD, 3B, 74, 9A, 9B, 7F, ED, FD, 9D, 9B, D7, 06, 9D, 9B, 2B, 69, F7, 60, 64, 1C, 02, 1E, 65, 64, DE, 31, 2E, 62, 64, 51, E7, 1A, 9E, 9B, 72, 90, DF, 60, 64, 65, FC, 9D, 9B, B8, 30...
 
[+]

Code size:
22.5 KB (23,040 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect32.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.