wayprotect64.sys

Btra Away Ltda - ME

It runs as a Windows 64-bit kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
6eb76b21e641e999bbabb1cbfd09b1ba

SHA-1:
bfb46bc9b0c4c4a4cc3239b8f8eaca72e1d2c6a2

SHA-256:
ecb352c139ef2863b39d1e185584f8816648ad7a8c9389f4906ebb8e228295be

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 10:12:30 AM UTC  (today)

File size:
965.6 KB (988,752 bytes)

File type:
Driver (Win64 SYS)

Common path:
C:\Program Files\muaway\wayprotect64.sys

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
10/15/2015 9:00:00 PM

Valid to:
10/15/2016 8:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4D0F8404A5DEDB2EFC28EF44D3A50F93

File PE Metadata
Compilation timestamp:
9/13/2016 1:44:08 AM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
24576:Go2+XTu3yoduHjwKD6yijm0rnm8BaQFzBG:tiXUMiSa0rnt9Fs

Entry address:
0x154244

Entry point:
68, 80, D5, 73, 6A, E8, DD, 56, 0C, 00, A4, 24, B3, 27, 39, 4F, 7B, EC, 97, C3, C4, 7B, EC, BB, AC, 73, 7B, EC, EA, 24, D3, 7B, EC, 8D, C0, 86, 7B, EC, 8B, 5E, 51, 7B, EC, E1, DE, 40, 7B, EC, B0, 5D, 5D, 84, 4C, 90, 7E, F0, DB, 4B, B5, 37, 98, 83, 13, 78, C4, 23, 83, 13, 0F, 8F, 29, 83, 13, 68, 75, BA, 83, 13, 44, 93, ED, 83, 13, 15, FA, 2D, 83, 13, 72, 8F, B0, 83, 13, 74, 48, 57, 83, 13, 1E, C9, DE, 83, 13, 4F, 63, F3, 7C, B0, D2, F4, F8, F0, 19, FF, FF, FF, FF, 99, AC, D5, A0, C5, 4C, 6A, 3F, 1C, 4A, B9...
 
[+]

Code size:
27 KB (27,648 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect64.sys - Powered by Reason Core Security