» 360fltoem.sys
Overview
Analysis
File Details
Behaviors (1)

360fltoem.sys

360HipsOEM

Grupo Xango Tecnologia S/A

It runs as a Windows 64-bit file system device driver named “360FltOEM mini-filter driver”.

File name:

360fltoem.sys

Publisher:

360.cn (signed by Grupo Xango Tecnologia S/A)

Product:

360HipsOEM

Version:

6.8.0.1005

MD5:

f338f29e06d24ac1c162131c1c908fb5

SHA-1:

b5b7191db42e8519dc670b7bdedab99facc168c0

SHA-256:

62d5c8be2ec4509dfbcd4208bef4f26f191d1ab4394017484043c345cd84a305

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 6:18:47 PM UTC (today)

File size:

281.9 KB (288,688 bytes)

Product version:

6.8.0.1005

Original file name:

360HipsOEM

File type:

Driver (Win64 SYS)

Language:

Chinese

Common path:

C:\Windows\System32\drivers\360fltoem.sys

Digital Signature

Signed by:

Grupo Xango Tecnologia S/A

Authority:

GlobalSign nv-sa

Valid from:

7/30/2012 6:18:00 PM

Valid to:

5/2/2013 5:37:48 PM

Subject:

CN=Grupo Xango Tecnologia S/A, OU=PSafe, O=Grupo Xango Tecnologia S/A, L=Rio de Janeiro, S=RJ, C=BR

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11218C18F955B2B586579276E3D94B0D68F9

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

3072:I93uTnNvcfR67uxd8VMtCLb6qtupqrAsbu9mm4X4dB2jR1sAQ:+uTgGu38GtK6qtupIg

Entry point:

48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 7E, FC, FF, FF, CC, CC, CC, CC, CC, CC, 68, 00, 02, 02, 00, 00, 00, 00, 00, C4, 0B, 00, 00, 00, 00, 00, 70, C4, 0B, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 7C, 20, 01, 00, 00, 00, 00, 00, 08, B0, 0B, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Driver

Display name:

360FltOEM mini-filter driver

Service name:

360FltOEM

Type:

File system 'filter' driver (FileSystemDriver)

Group:

FSFilter Activity Monitor

Depends on:

FltMgr

Scan 360fltoem.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.