wayprotect64.sys

Btra Away Ltda - ME

It runs as a Windows 64-bit kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
df32333199b275a4e1d0473653e9eb61

SHA-1:
c8b643ed27c312afe83038b3b5b9d2b49adbe4e7

SHA-256:
371e9a8daed6191f33cb84004677516d8efdb00c2ec2d3fee03b69ef26c161c2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 11:44:21 AM UTC  (today)

File size:
972.6 KB (995,912 bytes)

File type:
Driver (Win64 SYS)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 8:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
9/12/2016 9:15:24 PM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
24576:EKLDH7Iqq6dgoICGszFKQqSKVjUKtifBFO+0UEPMxL30oC5iPDJ:EUcsA8FKSwVuOPUqMF3q5+F

Entry address:
0x169577

Entry point:
68, F7, AB, 28, 06, E8, 5D, 99, 0B, 00, A5, 3C, C8, 1E, C0, 10, 5D, F0, 65, 1B, 9C, 76, E1, A0, D4, C9, E7, 7F, E7, E6, 2B, A9, 0F, 02, 1E, C4, A9, 0F, 52, CC, 25, A9, 0F, 52, 20, B2, A9, 0F, C2, EA, EB, A9, 0F, EA, C1, 02, A9, 0F, 8A, 56, EF, A9, 0F, 42, E2, 49, A9, 0F, 12, 7E, 68, A9, 0F, 9A, 41, 6C, 82, 1E, 5F, 2C, 19, 13, 80, 18, 0C, 93, 5D, F0, FD, A0, 44, 5D, F0, AD, 68, D5, 5D, F0, AD, F2, CA, 5D, F0, 3D, E8, BF, 5D, B0, 0E, 21, 87, E9, FF, FE, 00, 00, 00, DC, FA, E9, 93, B7, 66, 14, 77, 56, E3, 86...
 
[+]

Code size:
27 KB (27,648 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect64.sys - Powered by Reason Core Security