wayprotect64.sys

Btra Away Ltda - ME

It runs as a Windows 64-bit kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
85fbafe9950bcc59c1c286a82ac5579a

SHA-1:
1fd57fbd3e98d512be72fc37ce54cdcc032d6a3e

SHA-256:
4bff8aa28227d1fffb9bb86db0993c94423e3806348b4bd77522ffaef30eb501

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 11:36:02 AM UTC  (today)

File size:
970.6 KB (993,864 bytes)

File type:
Driver (Win64 SYS)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
9/13/2016 1:52:57 PM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
24576:Gp3kGRe1NfRpQ9PndPOg7StnIHmKMsIgcpQ0F3C:fGoXLQ9lx7S5jQcLFS

Entry address:
0x16EF05

Entry point:
68, 99, 7D, 5F, 33, E8, EC, 02, 0B, 00, 0E, EF, 4F, F4, 43, 2A, B6, 16, E5, 46, 27, B6, 16, A2, 9C, A4, B6, BC, FE, DD, 33, 1F, A6, 0D, 97, 81, 50, E9, 0A, 0D, 44, 50, E9, 14, 99, BF, 50, E9, 0E, 07, 86, 50, E9, 71, AE, 50, 50, E9, 10, 56, 47, 50, E9, 77, A6, F7, 50, E9, 0C, 0D, 2C, 50, E9, 1A, 1F, C9, 50, E9, 5D, FD, 0A, 50, 43, 01, 13, 8D, F9, 59, F2, 86, 8F, B6, 16, F5, E3, 9A, B6, 16, EB, 57, 69, B6, 16, F1, 31, 40, B6, 0F, 67, 04, FE, 86, D6, FF, FF, FF, FF, 99, 23, DB, E0, 81, E8, EF, 44, DC, CA, 42...
 
[+]

Code size:
27 KB (27,648 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect64.sys - Powered by Reason Core Security