home

wayprotect32.sys

Btra Away Ltda - ME

It runs as a Windows kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
0f3a2bca5aa64f81ba091cf869b9ee1b

SHA-1:
d1b56b381882fbba3935618c2d4934bfba5ecd1b

SHA-256:
2ed285df703e08a8ae590ca733772ebb4ae671feb2a6ee2a79a77359753000d2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 7:40:16 AM UTC  (today)

File size:
760.1 KB (778,312 bytes)

File type:
Driver (Win32 SYS)

Digital Signature
Signed by:
Btra Away Ltda - ME

Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
9/21/2016 3:18:10 PM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
12288:zBAyfSbJoID2f1aQk62dNhIp10JsorbrYTrgfXEIO1n8LHog8nAOOTEJaAk1i:LgD2fnk6qhIj07brQUcIOpwV7JTEJFN

Entry address:
0xF3FFB

Entry point:
68, 14, 56, 6C, 00, E8, 3A, 99, FF, FF, 0F, 83, 3F, D1, FF, FF, 8B, D1, F8, 3B, F4, 85, D7, 03, FF, E9, C3, 77, 01, 00, F8, C1, E2, 08, 66, 3B, D5, F7, C6, 82, 13, 2A, 19, 0B, F1, 49, 0F, 9F, C5, 66, 0F, B6, CE, 40, 87, C9, 66, D3, C1, E9, 1A, 77, 01, 00, C2, 08, 00, 00, 00, 50, 73, 50, 72, 6F, 63, 65, 73, 73, 54, 79, 70, 65, 00, 0F, BF, D1, 51, 8D, 55, F0, E9, 37, 8B, 00, 00, 00, 00, 52, 74, 6C, 55, 6E, 69, 63, 6F, 64, 65, 53, 74, 72, 69, 6E, 67, 54, 6F, 41, 6E, 73, 69, 53, 74, 72, 69, 6E, 67, 00, 0F, 83...
 
[+]

Code size:
22.5 KB (23,040 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect32.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.