home

wayprotect64.sys

Btra Away Ltda - ME

It runs as a Windows 64-bit kernel mode device driver named “WayProtect”.
Publisher:
Btra Away Ltda - ME  (signed and verified)

MD5:
652e71926b1d529dae8a02911793b5f7

SHA-1:
ed2959999d9f9874709400fc080bc4b95b67d4fa

SHA-256:
cc010e93721d49142230c6f6749f11212a7d9e9596734daebc5a2f5659c46ee8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 7:46:08 AM UTC  (today)

File size:
961.1 KB (984,136 bytes)

File type:
Driver (Win64 SYS)

Digital Signature
Signed by:
Btra Away Ltda - ME

Authority:
VeriSign, Inc.

Valid from:
3/24/2016 9:00:00 PM

Valid to:
10/16/2016 9:59:59 PM

Subject:
CN=Btra Away Ltda - ME, O=Btra Away Ltda - ME, L=Maraba, S=Para, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7174B1A630A1882CF557D67F83FB7545

File PE Metadata
Compilation timestamp:
9/30/2016 12:21:32 PM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
12288:YXZTEG5FlaQNYaKGz8YITYTtiWqO++pA0y2fNmQwfSsWW+1Uf4AgDGvF7/sn:6PeaDptP/+bH2fNm9fZWUgDETO

Entry address:
0x210221

Entry point:
68, 75, 18, 3C, DF, E8, 1F, 77, 00, 00, 2B, C2, B7, 7E, 83, C1, 59, A1, 67, 1D, 7F, 59, 21, 67, C1, 63, 59, 21, 6D, E5, A7, 59, E1, 67, C2, 6F, A6, 88, 90, C8, 9A, 7E, CA, 8F, F8, 5A, AC, DE, 90, E4, 86, AC, 9E, 94, E1, B3, AC, 1E, 98, 16, 44, AC, 1E, 94, E1, B3, AC, 5E, 91, 43, 11, AC, 5E, 98, 4D, 2F, AC, DE, 98, 41, 03, AC, DE, 92, C5, 87, AC, 1E, 98, 7A, A7, 53, 77, 6F, C0, 92, 8B, 35, 70, 78, 2A, 59, 21, 6F, 84, C6, 99, 66, 63, 38, 6C, 32, 4A, FE, FF, FF, 1F, B4, B9, 90, 99, 7F, 3D, 41, F4, B6, E6, 95...
 
[+]

Code size:
27 KB (27,648 bytes)

Driver
Display name:
WayProtect

Type:
Kernel device driver (KernelDriver)


Scan wayprotect64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.