wayprotect64.sys

Btra Away Ltda - ME

It runs as a Windows 64-bit kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
2f47aca070ea3e215c47419437f70269

SHA-1:
420c50733a1b0db6e0ab7bbc9272984b212428ef

SHA-256:
53c6fdf2b8fb378daebdb3f2b7b370aa8a4ae60098b4ba48419b972dc3c642af

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 11:49:05 AM UTC  (today)

File size:
954.7 KB (977,632 bytes)

File type:
Driver (Win64 SYS)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
10/6/2016 3:15:22 PM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
24576:VCcRTa67aPB1RqiHuUBmFc5Lgb09DS07/82Eb5PGITgX/V87I8F:VJTaxGrUKceb0F/70Xb5dc987pF

Entry address:
0x1FF540

Entry point:
68, 5F, EF, AF, A0, E8, ED, A4, 01, 00, 00, 40, 01, 00, BD, 57, 13, 00, 60, 00, 00, 68, 00, 60, 00, 00, 50, 4B, 00, 00, 40, 00, 00, 48, 00, 10, 00, 00, 23, 47, 00, 00, 20, 00, 00, 68, 00, B0, 00, 00, 74, 46, 00, 00, 40, 00, 00, C8, 00, 00, 01, 00, 3C, 03, 00, 00, 40, 00, 00, 48, 00, 10, 01, 00, 87, 19, 00, 00, 20, 00, 00, 60, 00, 30, 01, 00, A4, 09, 00, 00, 20, 00, 00, 62, BD, 7D, 1F, 40, 20, C0, 97, 1F, 42, A6, 67, 97, 1F, 42, FA, A6, 97, 1F, 42, 47, C8, 10, E0, BF, 10, 74, 56, E0, BF, 8E, 97, 6E, E0, BD...
 
[+]

Code size:
27 KB (27,648 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect64.sys - Powered by Reason Core Security