home

audas0.sys

Virtual Hardware Device

NGO

It runs as a Windows kernel mode device driver named “%AuDaS0.SvcDescr%”.
Publisher:
nodongle.biz solutions  (signed by NGO)

Product:
Virtual Hardware Device

Description:
Virtual Hardware Device Driver

Version:
3.0 built by: WinDDK

MD5:
1b0febc9355703b1127459578e982534

SHA-1:
823b00544b5d54e15a50a6f7160fe18cc9662b0c

SHA-256:
30d3ba58272f4bd1ee4a8374269dda1525b3926e650261797878ee810aaf7ba7

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 7:22:45 PM UTC  (today)

File size:
855.8 KB (876,288 bytes)

Product version:
3.0

Copyright:
Copyright (c) support@nodongle.biz. All rights reserved.

Original file name:
ndVHDD.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\audas0.sys

Digital Signature
Signed by:
NGO

Authority:
NGO

Valid from:
2/29/2016 9:51:19 AM

Valid to:
1/1/2040 12:59:59 PM

Subject:
CN=NGO

Issuer:
CN=NGO

Serial number:
BE6C15DE3D4838844776FE0EB6141DBB

File PE Metadata
Compilation timestamp:
12/30/2013 10:44:38 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
24576:QtbZi4au5VsqDV12OK36XZEk3JC0DPpu+SH/Eh:OiE5VsqDij6XT3Yr/H/Eh

Entry address:
0xC637F

Entry point:
55, E8, 8D, 74, 00, 00, 52, 89, 44, 24, 14, 60, FF, 74, 24, 34, C2, 38, 00, 60, 66, 0F, BE, F0, 53, 8B, 75, 0C, E9, 6A, 6A, 00, 00, 88, 54, 24, 04, 8D, 64, 24, 08, 0F, 84, B3, 65, 00, 00, E8, 18, D6, FF, FF, 68, 2D, EB, AF, CC, 89, 04, 24, FE, C8, 56, 3A, 07, 8A, 24, 24, 8D, 7F, 01, 0F, 93, C0, 8B, 44, 24, 48, E8, 8B, E2, FF, FF, 68, EB, D9, 21, BD, 75, F5, 92, 07, 6B, 33, 25, F2, 2E, A6, A4, 51, 81, 29, C5, 8A, C8, 89, CD, 4E, 5B, CA, C7, 5D, 45, 1C, 58, 07, 51, 16, 4E, 19, 45, 08, ED, 3B, DE, 10, 0B, A5...
 
[+]

Entropy:
7.7589  (probably packed)

Code size:
102.3 KB (104,704 bytes)

Driver
Display name:
%AuDaS0.SvcDescr%

Service name:
audas0

Type:
Kernel device driver (KernelDriver)

Group:
Extended Base


Scan audas0.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.