bedaisy.sys

Bastian Suter

It runs as a Windows kernel mode device driver named “BEDaisy”.
Publisher:
Bastian Suter  (signed and verified)

MD5:
fadd1fb8811491d90a61afd13a0a0d7d

SHA-1:
162a53ee1c6d8af93b431f441e9895cd103fcd83

SHA-256:
c4c7a34ee34376bcc65e31bbe8bce0a1d5acce7f756b50b998026069b985c40e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 10:49:21 PM UTC  (today)

File size:
210.3 KB (215,360 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\Program Files\common files\battleye\bedaisy.sys

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
7/15/2015 3:00:00 AM

Valid to:
12/30/2016 2:00:00 PM

Subject:
CN=Bastian Suter, O=Bastian Suter, L=Tübingen, S=Baden-Württemberg, C=DE

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
036EEE651CB75C856158F1A4B933288B

File PE Metadata
Compilation timestamp:
7/12/2015 3:15:27 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
6144:rFrHaVIvRRJg6DDVBY1YdEf4zQWRoc1x8QqqC:xr6VKRzHBaYdEf4Q81yqC

Entry address:
0x2D3CD

Entry point:
60, E9, 38, 8B, 02, 00, E9, 9D, 6F, 02, 00, 9C, 0F, 9A, C0, AC, F9, C0, C8, 04, 54, FE, C0, F5, C6, 04, 24, 11, 9C, C0, C8, 03, 54, FE, C8, 68, 24, 26, BB, 1C, E8, 76, BA, 02, 00, 8D, 64, 24, 08, 0F, 87, 6F, 7D, 02, 00, C0, D0, 02, 29, FB, D0, E0, 01, E3, D2, C8, 66, 81, E7, E5, FC, 89, DF, D2, D8, 14, CF, F5, F8, B0, 2E, F6, C1, 37, F5, F2, AE, 60, 60, C6, 04, 24, 2C, 8D, 64, 24, 40, 0F, 85, 5C, 0D, 00, 00, 88, CC, 0F, 98, C4, 98, 54, C6, 47, FF, 00, 66, 0F, BE, C1, 66, 0F, C8, 66, B8, E7, 6A, 89, 1C, 24...
 

Entropy:
7.8397

Packer / compiler:
ASProtect v1.1, 0xBRS

Code size:
9 KB (9,216 bytes)

Driver
Display name:
BEDaisy

Type:
Kernel device driver (KernelDriver)

