home

ArpDefender.sys

ArpDefender

Hangzhou Shunwang Technology Co.,Ltd

It runs as a Windows kernel mode device driver named “Sunward Arp Defender”.
Publisher:
Sunward Technology Co.Ltd  (signed by Hangzhou Shunwang Technology Co.,Ltd)

Product:
ArpDefender

Description:
2013/09/05 周四 17:52:35.53 fre i386

Version:
1.0.1.0 built by: WinDDK

MD5:
13821c330209b4bcfa2840b336db3243

SHA-1:
aca9f7d75b14061fa0230a30230916f3cc12147a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 4:53:38 AM UTC  (today)

File size:
49.8 KB (51,008 bytes)

Product version:
1.0.1.0

Copyright:
Sunward Technology Co.Ltd

Original file name:
ArpDefender.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\arpdefender.sys

Digital Signature
Signed by:
Hangzhou Shunwang Technology Co.,Ltd

Authority:
GlobalSign nv-sa

Valid from:
6/27/2011 11:56:06 AM

Valid to:
6/27/2014 11:56:06 AM

Subject:
CN="Hangzhou Shunwang Technology Co.,Ltd", O="Hangzhou Shunwang Technology Co.,Ltd", L=Hangzhou, S=Zhejiang, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121C389611C656AF0D3AB84786EC9517946

File PE Metadata
Compilation timestamp:
9/5/2013 5:52:38 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

Entry address:
0x9912

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 5C, FF, FF, FF, 73, 00, 66, 00, 69, 00, 6C, 00, 74, 00, 65, 00, 72, 00, 00, 00, 5C, 00, 52, 00, 65, 00, 67, 00, 69, 00, 73, 00, 74, 00, 72, 00, 79, 00, 5C, 00, 4D, 00, 61, 00, 63, 00, 68, 00, 69, 00, 6E, 00, 65, 00, 5C, 00, 53, 00, 79, 00, 73, 00, 74, 00, 65, 00, 6D, 00, 5C, 00, 43, 00, 75, 00, 72, 00, 72, 00, 65, 00, 6E, 00, 74, 00, 43, 00, 6F, 00, 6E, 00, 74, 00, 72, 00, 6F, 00, 6C, 00, 53, 00, 65, 00, 74, 00, 5C, 00, 53, 00, 65, 00, 72, 00, 76, 00, 69, 00...
 
[+]

Entropy:
6.6231

Code size:
38.6 KB (39,552 bytes)

Driver
Display name:
Sunward Arp Defender

Service name:
sfilter

Type:
Kernel device driver (KernelDriver)

Group:
PNP_TDI


Scan ArpDefender.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.