home

wayprotect64.sys

Btra Away Ltda - ME

It runs as a Windows 64-bit kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
4b86a1760a9bf0b823f78bfa9b272ce5

SHA-1:
4272fd618a58646b3fabbced9473dac2181caf29

SHA-256:
c5504b5da1005ddfc8b6131e5911fe5d6c0614db7cab0812cb2f8ea6db8d7a9c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 7:53:09 AM UTC  (today)

File size:
971.1 KB (994,376 bytes)

File type:
Driver (Win64 SYS)

Digital Signature
Signed by:
Btra Away Ltda - ME

Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
9/26/2016 3:59:37 PM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
24576:p9Gzzs4T4i+jPAiTa/boAfl0DvkOPFupj/:SzvwjPAiTc8Wl0pPCj/

Entry address:
0x2086CB

Entry point:
68, 73, A8, BF, FF, E8, AF, FA, 00, 00, D2, 7B, 6F, F3, 23, 09, 7B, AB, 9F, E3, 03, 7B, AB, 9B, A9, E9, 7B, AB, DB, 07, 49, 40, 21, 38, BB, 03, FE, D6, 2C, 12, 12, FE, 54, 4C, CC, 80, FE, 54, 64, 0E, 05, FE, 54, 7E, D3, E0, FE, 54, 5E, 02, 25, FE, 54, 6E, E7, 19, FE, 54, 60, BF, 9D, FE, 54, 60, 1F, 27, FE, 54, 64, FD, AD, FE, 54, 24, 9B, DD, C5, DE, C7, 13, 7F, 7B, 29, D3, 8A, D6, 7B, AB, B3, EC, FC, 7B, AB, 9B, 32, F9, 7B, AB, 81, 3F, BD, 46, 25, A2, 42, 4C, E2, 0A, 8B, D8, B6, 6C, 89, BE, C6, 1E, 4F, 54...
 
[+]

Code size:
27 KB (27,648 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.