home

ale7_nf.sys

General Security

Norman AS

It runs as a Windows kernel mode device driver named “Norman Network Filter ALE driver”.
Publisher:
Norman Safeground AS  (signed by Norman AS)

Product:
General Security

Description:
ALE Network Filter Driver

Version:
2,6,4,1

MD5:
8018454546ab2c461098f11e19ad7804

SHA-1:
8cead21beaa62ff8587e6a89f3d78740fc861f9f

SHA-256:
7d2cd9df8204f2af91087cd87086a4fa9b14b9e21f140a79c864eb8305cf2481

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 10:02:13 PM UTC  (today)

File size:
113.4 KB (116,160 bytes)

Product version:
10.10

Copyright:
Copyright © 1990-2013 Norman Safeground AS

Original file name:
ale_nf.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\ale7_nf.sys

Digital Signature
Signed by:
Norman AS

Authority:
VeriSign, Inc.

Valid from:
10/11/2012 7:00:00 AM

Valid to:
10/12/2015 6:59:59 AM

Subject:
CN=Norman AS, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Norman AS, L=Oslo, S=Akershus, C=NO

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2F1A612E4FA60E9380BCF96E2B5D6E5B

File PE Metadata
Compilation timestamp:
8/5/2013 5:54:57 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
1536:xiWX9LnzWBcjHapcxo2iv++jlQsOLZUC3DsT0o3oftr60RSDXpwst1KS:xihcjHapcJi2UQsIUQK0o3oEZDXp911

Entry address:
0x7703E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, B8, 9F, F8, FF, CC, CC, 64, 71, 07, 00, 00, 00, 00, 00, 00, 00, 00, 00, FE, 75, 07, 00, 9C, 80, 01, 00, C8, 70, 07, 00, 00, 00, 00, 00, 00, 00, 00, 00, 8C, 76, 07, 00, 00, 80, 01, 00, EC, 70, 07, 00, 00, 00, 00, 00, 00, 00, 00, 00, E2, 76, 07, 00, 24, 80, 01, 00, 00, 71, 07, 00, 00, 00, 00, 00, 00, 00, 00, 00, B2, 79, 07, 00, 38, 80, 01, 00, DC, 70, 07, 00, 00, 00, 00, 00, 00, 00, 00, 00, 20, 7A, 07, 00, 14, 80, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.6940

Code size:
92.5 KB (94,720 bytes)

Driver
Display name:
Norman Network Filter ALE driver

Service name:
ALE_NF

Type:
Kernel device driver (KernelDriver)

Group:
filter


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.