home

wayprotect64.sys

Btra Away Ltda - ME

It runs as a Windows 64-bit kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
bd4d18c8a292736360c60e253ebce0e0

SHA-1:
bbb8cf4773165a044f99978e3cea2e062d2e8f03

SHA-256:
26506c45bba04a8ced40a60514a39c481d17c920ed3048eb35a6ecf4e3aa14e1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 7:34:33 AM UTC  (today)

File size:
940.6 KB (963,144 bytes)

File type:
Driver (Win64 SYS)

Digital Signature
Signed by:
Btra Away Ltda - ME

Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
9/20/2016 2:29:23 PM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
24576:t6WMul/VePBFnMCum0yYns41DhLDXzsx0QydBxfRjmx5DMo:Bl/cPnemKFRhLrzsxNydBzKn4o

Entry address:
0x1DE7C1

Entry point:
68, 19, 38, 39, A0, E8, 0B, ED, 02, 00, AC, 2E, 56, C2, 9E, A5, AC, 57, C2, B5, EC, AC, 57, C2, AC, 5B, AD, 57, C2, 23, AF, AD, 57, C2, 5F, 19, AC, 57, C2, A1, 18, AD, 57, C2, E4, 64, AC, 57, C2, 10, 2B, 71, 57, C2, 37, BB, 53, A9, 3D, 9D, 2E, 54, A8, 3D, 1A, AC, 54, A8, 3D, B0, 83, 55, A8, 3D, 2F, 12, 55, A8, 3D, 42, 85, 54, A8, 3D, 1D, 31, 54, A8, 3D, 55, 4F, 55, A8, 3D, 27, AE, 54, A8, 3D, 3A, 42, 55, A8, 3D, 7A, B5, 88, A8, 3D, 89, 56, 60, 69, C2, A4, 2A, CB, 57, C2, CA, AC, 6B, 97, 3D, BD, D1, AA, 3D...
 
[+]

Code size:
27 KB (27,648 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.