home

wayprotect64.sys

Btra Away Ltda - ME

It runs as a Windows 64-bit kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
57e8d800ac94611b0e3a0ed51525e952

SHA-1:
a16e08bd85b4b8d275eb2585ad50eede047bf312

SHA-256:
58280a9d29f09d20dc1c7178d0106a31a8b34917a6cad2c7fe10f739edff0bd5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 7:27:40 AM UTC  (today)

File size:
959.6 KB (982,600 bytes)

File type:
Driver (Win64 SYS)

Digital Signature
Signed by:
Btra Away Ltda - ME

Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 8:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
9/28/2016 11:02:03 AM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
24576:M5ATVlZFTLzyvl0IdJEbCIIqoWRKs7UKAv53FEuSP:PXPqjEbCLqoWRK8RuSP

Entry address:
0x1EECAA

Entry point:
68, A2, 8C, 3D, 9A, E8, 87, C6, 02, 00, 50, F0, 1F, FD, FD, 8B, 37, 92, 63, E9, B4, F9, C2, AF, 60, 7D, 44, E0, 4D, C5, C8, 0F, 2D, 2C, 6C, 11, 9C, BF, 0F, 99, 12, 27, 17, 7E, 36, 35, CA, 8A, 27, 90, D5, 2F, 0C, 7D, 7D, 7F, 09, E5, 21, 08, 4E, 47, CD, 24, ED, D4, 5B, 56, C5, 04, B9, E6, D7, 2A, 15, 98, 96, 86, 87, 84, 20, 2E, 5D, 9C, E1, 11, 1E, BE, 03, 17, 8B, C4, 46, D6, 01, 13, EC, 94, 1E, 46, A3, E4, 85, 9B, 70, 9C, B9, 89, CC, C8, 45, 52, B8, 70, C8, EB, 9C, 13, D6, 4A, 7B, 3A, 2B, 5A, 85, 1B, 3E, 28...
 
[+]

Code size:
27 KB (27,648 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.