home

atitool64.sys

Low-Level Driver

techPowerUp

It runs as a Windows 64-bit kernel mode device driver named “ATITool Overclocking Utility”.
Publisher:
techPowerUp  (signed and verified)

Product:
Low-Level Driver

Version:
1.50

MD5:
a6fad7a5ada4675ba9c9feaf4e0542ba

SHA-1:
9241cae3bc4b56e38943b039191bd15390125d02

SHA-256:
d8a3f40795fe4b6b054909bbe06201dc2dd271f760439c17023bf5fd9ab4bddc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 8:48:15 PM UTC  (today)

File size:
34.8 KB (35,624 bytes)

Product version:
1.50

Copyright:
Copyright 2004-2007 (c). All rights reserved.

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\atitool64.sys

Digital Signature
Signed by:
techPowerUp

Authority:
GlobalSign nv-sa

Valid from:
8/1/2007 10:34:03 AM

Valid to:
8/1/2008 10:34:03 AM

Subject:
E=admin@techpowerup.com, CN=techPowerUp, O=techPowerUp, C=HK

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
01000000000114208F6C03

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
384:ETCxpueCXl2HepCpGK5cegTQge0mG06DYHi9wmw5CeI4UAlq+vS2MtQJwHJ06dUF:EuuXM+CWQge3GdD+T17UAlq+vFMtmJiO

Entry point:
48, 53, 57, 48, 81, EC, 58, 08, 00, 00, 48, 8B, 05, BF, 4B, 00, 00, 48, 89, 84, 24, 40, 08, 00, 00, 48, 8B, FA, 33, D2, 48, 8B, D9, 44, 8D, 42, 38, 48, 8D, 0D, 04, 6C, 00, 00, E8, 0F, 20, 00, 00, 44, 0F, B7, 07, 48, 8B, 57, 08, 48, 8D, 4C, 24, 40, FF, 15, D4, EB, FF, FF, 48, 8D, 4C, 24, 40, 66, BA, 5C, 00, FF, 15, BD, EB, FF, FF, 48, 8D, 4C, 24, 30, 48, 8D, 50, 02, FF, 15, 3E, EB, FF, FF, 48, 8D, 54, 24, 30, 48, 8D, 0D, C2, 6B, 00, 00, 41, B0, 01, FF, 15, 91, EB, FF, FF, 48, 8D, 15, B2, 6B, 00, 00, 48, 8D...
 
[+]

Driver
Display name:
ATITool Overclocking Utility

Service name:
ATITool

Type:
Kernel device driver (KernelDriver)

Depends on:
Extended Base Video


Scan atitool64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.