wayprotect64.sys

Btra Away Ltda - ME

It runs as a Windows 64-bit kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
c4334cd9f5e9c2a217d9a59f734799cf

SHA-1:
0ba315f95695f1423f1ec5e249d7ce6077454ace

SHA-256:
825fca6bb8387e781ef1d679f4d72b7d3bc20bda47cb1adc029e36457da43c78

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 11:42:11 AM UTC  (today)

File size:
967.1 KB (990,280 bytes)

File type:
Driver (Win64 SYS)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
8/29/2016 11:01:14 AM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
24576:2fSOfnhcqXwNbeAkiDYGKOq2FebjjIgXPC+E6:2fTnhyeyDYGKOq2FCjpXPE6

Entry address:
0x210F76

Entry point:
68, 8D, EB, 82, F5, E8, AA, C7, 00, 00, B9, 06, 84, F9, 5A, 68, 4D, 43, 0D, 3F, 9C, F6, 42, 0D, C9, 18, 34, 64, 06, 79, C3, C3, BC, F2, B4, E8, C3, BC, F2, 7B, 01, CC, BC, F2, 26, C6, C3, BC, F2, 8D, 1A, CC, BC, F2, 37, 78, CC, BC, F2, 55, 69, C3, BC, F2, FA, 09, C3, BC, F2, 6C, 7E, CC, BC, F2, 29, 6A, 77, BD, F2, 3F, 16, B5, 9B, F9, 77, F5, 42, 43, 0D, 82, B6, 42, 43, 0D, 25, 87, 4D, 43, 0D, A0, 48, 42, 43, 0D, 03, 64, 4D, 43, 0D, 49, 4D, D7, 7B, 06, FE, B8, 92, BC, F2, 97, 2A, A1, 85, F9, 58, B3, 41, 0D...
 
[+]

Code size:
27 KB (27,648 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect64.sys - Powered by Reason Core Security