home

a0004126.sys

SIVDRIVER

RH Software

Publisher:
Ray Hinchliffe  (signed by RH Software)

Product:
SIVDRIVER

Description:
System Information Viewer NT4 Driver

Version:
V3.33 (V3.31)

MD5:
c5444ca8236e6a4df00d5d5b13479537

SHA-1:
de62946ee511a71b4f9476fadc8f727c8d486224

SHA-256:
b5ba7dd428be5b07e47aa986f60160c8ccc462c758f5b271f58ac03f6c6bdd48

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 9:26:55 PM UTC  (today)

File size:
26.9 KB (27,560 bytes)

Product version:
V3.33

Copyright:
Copyright © Ray Hinchliffe 2001-2008

Original file name:
SIVNT4.sys

File type:
Driver (Win32 SYS)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\s-1-5-31-1286970278978-5713669491-166975984-320\rotinom\system volume information\_restore{9e67248a-f152-4710-a4b8-745cd4ffe586}\rp7\a0004126.sys

Digital Signature
Signed by:
RH Software

Authority:
VeriSign, Inc.

Valid from:
12/6/2007 4:00:00 AM

Valid to:
2/21/2009 3:59:59 AM

Subject:
CN=RH Software, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=RH Software, S=Hants, C=GB

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6CCFDCBA5E421AB13DD4352AC138160C

File PE Metadata
Compilation timestamp:
8/14/2008 10:32:42 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
6.0

CTPH (ssdeep):
384:zjGji7Kt4TcaQO9G3mfz7Ry6a6fY94yGazURLC0kklsKi/ldfsYJLWRubDJ6jl:zjGWGCIO9GkP7q4HQkrq7fhLxbDJml

Entry address:
0x4720

Entry point:
55, 8B, EC, 83, EC, 28, 53, 56, 57, 68, 00, 3D, 01, 00, 8D, 45, E0, 50, FF, 15, BC, 02, 01, 00, 8B, 75, 0C, 8D, 45, FC, 50, 33, FF, 57, 57, 6A, 22, 8D, 45, E0, 50, 0F, B7, 06, 05, A4, 02, 00, 00, 50, FF, 75, 08, FF, 15, B8, 02, 01, 00, 3B, C7, 0F, 8C, 48, 02, 00, 00, 8B, 45, FC, 6A, 04, 59, 09, 48, 1C, 8B, 45, FC, 8B, 58, 28, 89, 4B, 38, 89, 7B, 08, 89, 7B, 0C, 89, 7B, 10, C7, 43, 2C, 09, 00, 00, 00, C7, 43, 30, 0A, 00, 00, 00, C7, 43, 34, 0B, 00, 00, 00, 66, 8B, 46, 02, 66, 89, 43, 02, 66, 8B, 06, 66, 89...
 
[+]

Entropy:
6.5962

Developed / compiled with:
Microsoft Visual C++

Code size:
16 KB (16,384 bytes)

Scan a0004126.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.