home

wayprotect64.sys

Btra Away Ltda - ME

It runs as a Windows 64-bit kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
80a3d125deab38ee04d4f80a5d04c1f3

SHA-1:
750b3be5bcedee8eb508c48497ad31cbbc47a0b2

SHA-256:
27040759fdb6b6d1549bcc27417e77fba87a422591788b5a329272e3f43717cc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 7:50:50 AM UTC  (today)

File size:
979.1 KB (1,002,568 bytes)

File type:
Driver (Win64 SYS)

Digital Signature
Signed by:
Btra Away Ltda - ME

Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
9/16/2016 11:51:06 AM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
12288:CcKe1MPo/qLL370kiGhv5AC1QEQiJjgbVE684NckJxAiekXwgVZMjnGNQy0VqtMR:LKeSLPY2Qilg5g4/lTXwbGj06Ykkncs

Entry address:
0x14D4D8

Entry point:
68, 81, 6B, D5, A5, E8, 53, 63, 0D, 00, 1C, 2B, BD, 57, D9, 8C, 7D, EB, 0E, D7, 25, 7D, EB, 7E, 59, 64, 7D, EB, 76, 50, 0D, 7D, EB, 11, 4E, 3B, 7D, EB, 18, 31, 24, 7D, EB, 04, F2, C6, 7D, 41, 42, E7, AA, D4, 5B, 8E, A9, EC, 9B, 14, D8, 8E, 54, 9B, 14, DA, 44, E6, 9B, 14, F8, 13, 16, 9B, 14, F1, 9A, A7, 9B, 14, 81, AC, 6E, 9B, 14, 89, 3D, 97, 9B, 14, EE, 93, 01, 9B, 14, E7, DB, C6, 9B, 14, FB, 60, 0C, 9B, BE, BD, 7D, 58, 32, 87, F9, E8, A1, 14, 48, 01, 02, 60, F4, E0, D2, 27, E7, D4, 81, 19, B3, A9, 29, BE...
 
[+]

Code size:
27 KB (27,648 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.