wayprotect64.sys

Btra Away Ltda - ME

It runs as a Windows 64-bit kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
efa3e0694a945d50360c14e77894c482

SHA-1:
2c350bbdb7f377e15ed4bb6eb6391e4f10b274b8

SHA-256:
52fd8c8ff24c465e8d29d5439a9c5ffb7daf8fd8e242fb345923f4593818b309

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/29/2024 1:30:46 AM UTC  (today)

File size:
1.1 MB (1,162,320 bytes)

File type:
Driver (Win64 SYS)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
1/7/2016 10:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4C8EFFAD508C0E801EE50F6BEA0A6B99

File PE Metadata
Compilation timestamp:
1/12/2016 7:23:43 PM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
24576:cFap8ZWRjbvVagj4mz1kv+my5khSUoojxswTvPXe7IhHAB1oYPdBz:cE0WjaI4m2ayNjxFXe7/XvdBz

Entry address:
0x14E290

Entry point:
68, 51, 99, BE, 72, E8, 89, 07, 11, 00, FF, D4, D0, 0F, 07, 86, 67, 44, 75, CE, 24, 77, 2F, F0, 44, 3E, 95, D0, 0F, 6E, BB, 7A, 44, 75, 63, 84, A3, 45, 75, D4, 71, 63, 2F, F0, B9, 17, 3F, BB, 8A, 97, 8B, 10, D1, 0F, 83, 5D, DD, 44, 75, E5, E3, C6, 5B, 75, 63, A7, 88, 2E, F0, 1F, 9E, 67, BA, 8A, CE, 24, 77, D1, 0F, 5C, 26, 95, 2E, F0, F6, 23, 7A, BA, 8A, 43, E4, A3, BB, 8A, 64, 41, 63, D1, 0F, 69, 07, 3F, 45, 75, 27, 02, 26, 2D, F0, 62, C4, E1, BA, 8A, B5, 80, C0, D0, FE, FF, FF, EF, 24, 1C, D1, 0F, EC, B9...
 
[+]

Code size:
1.1 MB (1,153,024 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect64.sys - Powered by Reason Core Security