home

wiserarprotect64.sys

ZipCustomization Help Driver

深圳市哈奇世界科技有限公司

It runs as a Windows 64-bit kernel mode device driver named “WiseRarProtect”.
Publisher:
深圳市哈奇世界科技有限公司  (signed and verified)

Product:
ZipCustomization Help Driver

Version:
0.0.0.1

MD5:
5242606a1ffcfde077ac4d1e1fe16380

SHA-1:
80038b37e6678234de3fd2f7850aa82943b02465

SHA-256:
9b23bc63a1e2d9a301a2b8b7f8758468fb659bff02971652360ddcd2e516dd87

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 6:21:11 AM UTC  (today)

File size:
96.4 KB (98,760 bytes)

Product version:
0.0.0.1

Original file name:
ZipCustomization.sys

File type:
Driver (Win64 SYS)

Language:
Language Neutral

Digital Signature
Signed by:
深圳市哈奇世界科技有限公司

Authority:
Symantec Corporation

Valid from:
2/17/2016 8:00:00 AM

Valid to:
2/17/2018 7:59:59 AM

Subject:
CN=深圳市哈奇世界科技有限公司, OU=IT Dept, O=深圳市哈奇世界科技有限公司, L=Shenzhen, S=Guangdong, C=CN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
02DC7FCB1F3A2DF08A14B81D6CCBD069

File PE Metadata
Compilation timestamp:
4/1/2016 9:31:51 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

Entry address:
0x1000

Entry point:
48, 89, 5C, 24, 10, 48, 89, 6C, 24, 18, 48, 89, 74, 24, 20, 57, 48, 83, EC, 60, 48, 8B, F2, 48, 8B, F9, 33, ED, BA, 28, 02, 00, 00, 33, C9, 41, B8, 31, 74, 6C, 4D, 48, 89, 6C, 24, 70, FF, 15, 24, C0, 00, 00, 48, 8B, C8, 48, 85, C0, 74, 0C, 48, 8D, 05, 3D, C4, 00, 00, 48, 89, 01, EB, 03, 48, 8B, CD, 48, 8B, 01, 48, 8D, 15, BB, C2, 00, 00, 48, 89, 0D, 2C, 02, 01, 00, FF, 50, 08, 48, 8D, 15, FA, C2, 00, 00, 48, 8D, 4C, 24, 40, C7, 05, AF, EF, 00, 00, 01, 00, 00, 00, FF, 15, A5, BF, 00, 00, 48, 8D, 15, 0E, C3...
 
[+]

Entropy:
6.5525

Code size:
46.5 KB (47,616 bytes)

Driver
Display name:
WiseRarProtect

Type:
Kernel device driver (KernelDriver)


Scan wiserarprotect64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.