home

acmoflex64rd5.sys

ArchiCrypt MoFlex SDK V5 Callback Virtual Disk

Softwareentwicklung Patric Remus - ArchiCrypt - (Patric W.Remus)

It runs as a Windows 64-bit kernel mode device driver named “ACMoFlex64RD5”.
Publisher:
Softwareentwicklung Remus - ArchiCrypt.de  (signed by Softwareentwicklung Patric Remus - ArchiCrypt - (Patric W.Remus))

Product:
ArchiCrypt MoFlex SDK V5 Callback Virtual Disk

Description:
ArchiCrypt MoFlex Engine Driver

Version:
5.1.1.1

MD5:
a7bcccf7d23aeba4ca13886bb4d1691c

SHA-1:
adeafaa3e1b02a52bb0dc699f083067475998e74

SHA-256:
3bfc9da8e25fc6cff1e2a6721389eb84543be54e6bded9e6b65057778e2c5ca2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 4:42:45 AM UTC  (today)

File size:
24.2 KB (24,760 bytes)

Product version:
5.1.1.1

Copyright:
Copyright (C) 2009-2015

Trademarks:
ArchiCrypt

Original file name:
ACMoFlex.sys

File type:
Driver (Win64 SYS)

Language:
German (Germany)

Common path:
C:\Windows\System32\drivers\acmoflex64rd5.sys

Digital Signature
Signed by:
Softwareentwicklung Patric Remus - ArchiCrypt - (Patric W.Remus)

Authority:
GlobalSign nv-sa

Valid from:
9/2/2013 1:57:23 PM

Valid to:
11/21/2015 5:39:23 PM

Subject:
E=Anfrage@ArchiCrypt.com, CN=Softwareentwicklung Patric Remus - ArchiCrypt - (Patric W.Remus), O=Softwareentwicklung Patric Remus - ArchiCrypt - (Patric W.Remus), L=Ottobrunn, S=Bayern, C=DE

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121BBB266E9958ED68E2A17AF4FA41BDF8E

File PE Metadata
Compilation timestamp:
11/14/2015 11:55:06 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
10.0

CTPH (ssdeep):
384:L1o3MowozDEbkoERhFEcs9V0m1Q4qj7A3IKJ7EYq+A5P2XV:L1XohRhCvb31QDAYQg+A2

Entry address:
0x2B70

Entry point:
40, 53, 48, 83, EC, 60, 48, 8D, 05, 93, FD, FF, FF, 48, 8B, D9, 48, 8D, 15, CD, 19, 00, 00, 48, 89, 41, 70, 48, 89, 81, 80, 00, 00, 00, 48, 8D, 05, A7, FD, FF, FF, 48, 89, 81, 88, 00, 00, 00, 48, 89, 81, 90, 00, 00, 00, 48, 8D, 05, 32, FE, FF, FF, 48, 89, 81, E0, 00, 00, 00, 48, 8D, 05, 64, FE, FF, FF, 45, 33, C9, 48, 89, 81, 48, 01, 00, 00, 48, 8D, 05, A3, FE, FF, FF, 45, 33, C0, 48, 89, 81, F0, 00, 00, 00, 48, 8D, 05, 62, FF, FF, FF, 48, 89, 41, 68, 48, 8D, 0D, 67, 19, 00, 00, FF, 15, B1, E4, FF, FF, 48...
 
[+]

Code size:
13.5 KB (13,824 bytes)

Driver
Display name:
ACMoFlex64RD5

Type:
Kernel device driver (KernelDriver)


Scan acmoflex64rd5.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.