home

wayprotect64.sys

Btra Away Ltda - ME

It runs as a Windows 64-bit kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
ccd22c6a33bbe9d457d6b66ca4013ab4

SHA-1:
4da5edbb5597281d0d2ce835d35ba45f999f607f

SHA-256:
a48c822f0dc827101552d8723422b97441ed5189e6a6288296d7ddaa251ae943

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 7:55:59 AM UTC  (today)

File size:
938.6 KB (961,096 bytes)

File type:
Driver (Win64 SYS)

Digital Signature
Signed by:
Btra Away Ltda - ME

Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
9/22/2016 3:04:33 PM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
24576:o4YTmp+cIq3n2Pw/TEesBoL2Mp13qgna7eCbBA:o4/hIq4wLEKLpBmlS

Entry address:
0x1FE3D8

Entry point:
68, 11, 75, 65, 99, E8, 77, 9C, 01, 00, EA, 17, E0, BF, A7, 00, B7, E0, BF, 2D, 7E, 4F, E0, BF, 9D, D4, 4F, E0, BF, E6, B7, 4F, E0, BF, D1, 40, 4F, E0, BF, 7E, 95, 4F, E0, BF, 8A, 2B, 4F, E0, BF, 55, A0, 4F, E0, BF, 64, E3, 4F, E0, BF, C6, 45, 4F, E0, BF, 2E, 4C, 0B, 1F, 40, 99, 0E, 42, 1F, 40, EB, 88, BA, 1F, 40, 63, DA, BA, 1F, 40, C0, A1, BA, 1F, 40, 07, 96, BA, 1F, 40, C0, 5B, BA, 1F, 40, 94, D5, BA, 1F, 40, D3, 36, 89, 1F, 40, 3F, 7F, 38, 53, FE, FF, FF, 7E, B1, 3F, E0, FF, 0D, DE, 73, E1, FF, F1, A4...
 
[+]

Code size:
27 KB (27,648 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.