366d87a2.sys

The file 366d87a2.sys has been detected as malware by 5 anti-virus scanners. It runs as a Windows kernel mode device driver named “366d87a2”.
MD5:
cf77a5e2b4605d4ba17f4273bd02d9cf

SHA-1:
e8db8e4b55a8695e61798cdf03c0e0e99d819932

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
4/28/2024 10:36:34 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Clam AntiVirus | Win.Trojan.Agent-596118 | 0.98/23207 |
| Dr.Web | Trojan.PWS.Gamania.40421 | 9.0.1.05190 |
| ESET NOD32 | Win32/PSW.OnLineGames.QPG trojan | 6.3.12010.0 |
| F-Prot | W32/SYStroj.AX.gen | 4.6.5.141 |
| Kaspersky | Trojan-PSW.Win32.Mapler | 15.0.2.529 |

File size:
42.6 KB (43,616 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\366d87a2.sys

File PE Metadata
Compilation timestamp:
4/3/2013 11:42:24 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
5.12

Entry address:
0x3D3D

Entry point:
55, 8B, EC, 81, EC, 60, 0C, 00, 00, 53, 56, 57, 6A, 07, 59, BE, DE, 34, 01, 00, 8D, 7D, C4, 6A, 09, F3, A5, 59, BE, FA, 34, 01, 00, 8D, 7D, A0, 33, DB, F3, A5, B9, FF, 02, 00, 00, 33, C0, 8D, BD, A1, F3, FF, FF, 88, 9D, A0, F3, FF, FF, F3, AB, 66, AB, AA, 8D, 05, 58, 0D, 01, 00, 8D, 05, F0, 0C, 01, 00, 8D, 05, E0, 0C, 01, 00, E8, 0C, F7, FF, FF, 53, 8D, 85, A0, F3, FF, FF, 68, 00, 0C, 00, 00, 50, 6A, 0B, FF, 15, 38, 0D, 01, 00, 8B, 85, AC, F3, FF, FF, 3B, C3, 89, 45, F8, 74, 11, 8B, 48, 3C, 81, 7C, 01, 08...
 

Entropy:
3.6763

Developed / compiled with:
Microsoft Visual C++

Code size:
18.8 KB (19,232 bytes)

Driver
Display name:
366d87a2

Type:
Kernel device driver (KernelDriver)

