wayprotect64.sys

Btra Away Ltda - ME

It runs as a Windows 64-bit kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
105024d6345078ab51d96ca6a1cb15e0

SHA-1:
6c8e68765183ba7d2d4f1446550f67010e5ad67a

SHA-256:
ce2dd612d50792e39d10bc6b2546b10038107de1c99452c384cdac1ef08a268f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 11:55:15 AM UTC  (today)

File size:
956.6 KB (979,528 bytes)

File type:
Driver (Win64 SYS)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
8/19/2016 4:45:45 PM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
24576:jx4vWlwdGFGamAEODI3ydoD3+SPhrlOlni4hLHOlTVB9rV5yj:d4bGFGazEOmydoiApO1bONVB9rVYj

Entry address:
0x160FCC

Entry point:
68, 75, 19, EE, 40, E8, F1, AC, 0B, 00, DD, F9, 2B, E4, F9, DF, 06, E8, 57, 99, 37, 06, E8, 4F, C5, 03, 3B, 92, E7, 35, D4, 7F, 60, 73, 08, 18, 80, 17, 54, FE, A0, 80, 17, 90, 56, 71, 80, 17, 82, B3, EB, 80, 17, 84, 11, 3D, 80, 17, 7C, D7, 99, 80, 17, 58, 4B, 51, 80, 17, 60, 7F, 05, 80, 17, A8, 2F, 55, 80, 17, B0, E7, E1, BD, 6D, 18, 1F, C6, F9, 9F, 8C, F6, D2, 06, E8, AB, C8, B2, 06, E8, 6F, 6C, 53, 06, E8, 7D, 89, B9, 06, E8, 7B, 67, 8B, 27, AA, D9, AF, B4, D8, 17, D2, AA, D1, 4C, 3F, 8B, 81, 06, 82, A0...
 
[+]

Code size:
27 KB (27,648 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect64.sys - Powered by Reason Core Security