apmdrive.sys

apmdrive

abylonsoft

It runs as a Windows kernel-mode device driver named “APMPDRIVE DRIVER”.
Publisher:
abylonsoft  (signed and verified)

Product:
apmdrive

Description:
apm - virtual disk drive

Version:
4, 0, 0, 5

MD5:
03a62d70eff8343ed774e05252eb6dd5

SHA-1:
444aa9bc341595b74c9c88bc3f1eb9de758e4d47

SHA-256:
2ac2008fbdaadcc37996e79519873d2ea0efe6635610a73d6a08a7cfbb4c55a7

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 12:31:13 AM UTC

File size:
60.9 KB (62,408 bytes)

Product version:
4, 0, 0, 5

Copyright:
(c) 2002 bis 2010 by abylonsoft

Trademarks:
abylonsoft

Original file name:
apmdrive.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\apmdrive.sys

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
8/8/2011 6:00:00 AM

Valid to:
8/8/2012 5:59:59 AM

Subject:
CN=abylonsoft, O=abylonsoft, STREET=Zum Eichwald 43, L=Seibersbach, S=RLP, PostalCode=55444, C=DE

Issuer:
CN=COMODO Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00961DAE982D155412897545469F6E1484

File PE Metadata
Compilation timestamp:
7/29/2010 2:27:44 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.0

CTPH (ssdeep):
768:tgLa1I0yeAlkRGXbs0clK/s4kLY7keahodS4AgcSjpL0itjhLZHEc:6LalyHlYGLs0XksdS4ArSjpPvFEc

Entry address:
0xC78C

Entry point:
55, 8B, EC, 83, EC, 20, 33, C0, 53, 57, 33, DB, 66, 89, 5D, F8, 8D, 7D, FA, AB, 66, AB, 33, C0, 39, 5D, 0C, 89, 5D, E0, 8D, 7D, E4, AB, AB, AB, AB, AB, 75, 0A, B8, 83, 01, 00, C0, E9, E0, 00, 00, 00, 56, 8B, 75, 08, 3B, F3, 75, 0A, B8, 83, 01, 00, C0, E9, CD, 00, 00, 00, 68, 68, C7, 01, 00, 8D, 45, F8, 50, FF, 15, 3C, 03, 01, 00, 8D, 45, F8, 89, 45, E8, 8D, 45, E0, 50, 68, 0F, 00, 0F, 00, 68, 40, A5, 01, 00, C7, 45, E0, 18, 00, 00, 00, 89, 5D, E4, C7, 45, EC, 10, 00, 00, 00, 89, 5D, F0, 89, 5D, F4, FF, 15...
 

Entropy:
6.7167

Developed / compiled with:
Microsoft Visual C++

Code size:
32.7 KB (33,472 bytes)

Driver
Display name:
APMPDRIVE DRIVER

Service name:
APMDRIVE

Description:
CRYPTDRIVE

Type:
Kernel device driver (KernelDriver)

Group:
CRYPTDRIVE

