» acmepro_x64.sys
Overview
Analysis
File Details
Behaviors (1)

acmepro_x64.sys

STUDIO ONLINE IN ENGLISH AND SPANISH CORPORATION S.A.C.

It runs as a Windows 64-bit file system device driver named “AcmePro_x64”.

File name:

acmepro_x64.sys

Publisher:

STUDIO ONLINE IN ENGLISH AND SPANISH CORPORATION S.A.C. (signed and verified)

MD5:

f4d802fb3ce0d5b2ef07471185cb9498

SHA-1:

b9cb4ff2531d286fcdcc6b83f1a484cc65047149

SHA-256:

4ad935c13682bcae7769bef9b0a31c64d3d0b7f8b541f481e5e58d5d3fe5e9f2

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/18/2024 3:29:43 AM UTC (today)

Scan engine

Detection

Engine version

Trend Micro House Call

Suspicious_GEN.F47V0707

7.2.284

File size:

23.2 KB (23,744 bytes)

File type:

Driver (Win64 SYS)

Digital Signature

Signed by:

STUDIO ONLINE IN ENGLISH AND SPANISH CORPORATION S.A.C.

Authority:

DigiCert Inc

Valid from:

2/10/2014 1:00:00 AM

Valid to:

2/18/2015 1:00:00 PM

Subject:

CN=STUDIO ONLINE IN ENGLISH AND SPANISH CORPORATION S.A.C., O=STUDIO ONLINE IN ENGLISH AND SPANISH CORPORATION S.A.C., L=Lima, C=PE

Issuer:

CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0C276A4F19A0E30C563EBB5E3E4E8068

File PE Metadata

Compilation timestamp:

5/23/2014 5:16:25 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

10.0

CTPH (ssdeep):

384:zBs0r7+ur1CpiCh/jsuijZq3d+ZZv/K6jZq31FoT:GG7+urSiCVgVKgOFoT

Entry address:

0x6000

Entry point:

41, 55, 41, 56, 48, 83, EC, 68, 49, 89, CE, 48, 8D, 15, 6A, C6, FF, FF, 48, 8D, 4C, 24, 40, FF, 15, 63, C1, FF, FF, 49, 89, E3, 33, C0, 4C, 89, F1, 33, D2, 6A, 22, 41, 59, 4C, 8D, 44, 24, 40, 4C, 8D, 54, 24, 50, 41, 89, 43, 20, 41, 89, 43, 28, 4D, 89, 53, 30, FF, 15, 41, C0, FF, FF, 85, C0, 7D, 09, 48, 83, C4, 68, 41, 5E, 41, 5D, C3, 48, 8D, 15, E5, C5, FF, FF, 48, 8D, 4C, 24, 58, FF, 15, 1A, C1, FF, FF, 48, 8D, 4C, 24, 58, 48, 8D, 54, 24, 40, FF, 15, 1A, C0, FF, FF, 41, 89, C5, 45, 85, ED, 7D, 10, 48, 8B... 
[+]

Code size:

9 KB (9,216 bytes)

Driver

Display name:

AcmePro_x64

Type:

File system 'filter' driver (FileSystemDriver)

Group:

FSFilter Activity Monitor

Depends on:

FltMgr

Scan acmepro_x64.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.