bedaisy.sys

Bastian Suter

It runs as a Windows kernel-mode device driver named “BEDaisy”.
Publisher:
Bastian Suter  (signed and verified)

MD5:
64e5562e238927169dfd3a67632f7cfe

SHA-1:
376a509665b52a23799e2ee836ae9d5687dd1c82

SHA-256:
2b48da7fb63e514aaa8804e1c16cc76ede72df045a51c0934b46601031fc0b87

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 11:34:55 AM UTC

File size:
262.3 KB (268,608 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\Program Files\common files\battleye\bedaisy.sys

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
4/19/2015 8:00:00 PM

Valid to:
6/13/2018 8:00:00 AM

Subject:
CN=Bastian Suter, O=Bastian Suter, L=Tübingen, S=Baden-Württemberg, C=DE

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
07033DEE5ABAFA092E57E090D3A11DE2

File PE Metadata
Compilation timestamp:
9/18/2015 5:56:43 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
6144:5Z7pDCwlW+VsieesqmV4CyRYPlxu+4iORZ5pK7F:73lW+VDeesViYi+4iORZc

Entry address:
0x438A3

Entry point:
60, 60, E9, F3, 9F, FF, FF, E8, 96, 4D, FF, FF, E1, E1, 39, A0, 98, 6F, D9, 4D, B7, 31, 30, 37, 96, 4F, 1A, 14, 8C, 60, B7, FF, 86, 41, 7B, E6, 7D, FD, B4, 6C, 69, C5, 7D, AC, 46, 7C, 74, 2C, 05, C7, D1, 08, 1B, AA, F4, FE, A5, 0E, 34, CA, 33, 35, 16, 7A, 15, 0E, 26, 37, 2A, 0C, DD, 27, 29, ED, 14, 69, 85, 2C, AC, 07, 32, 61, 1F, 22, 6C, 6E, 32, 2B, 93, 9F, 57, 3F, BC, B0, A1, 79, 4A, 94, 96, F3, EF, 8A, 83, 70, CF, 07, 8D, B4, 8C, 3E, 65, FB, E1, 9D, 6C, 4C, 0E, 47, 51, 0F, 21, 7A, 4D, 3D, 2B, 7C, E2, BD...
 

Entropy:
7.8507  (probably packed)

Code size:
11.5 KB (11,776 bytes)

Driver
Display name:
BEDaisy

Type:
Kernel device driver (KernelDriver)


Scan bedaisy.sys - Powered by Reason Core Security