bedaisy.sys

Bastian Suter

It runs as a Windows 64-bit kernel mode device driver named “BEDaisy”.
Publisher:
Bastian Suter  (signed and verified)

MD5:
07827bf0d8d3cd6af844f1b522c04b3a

SHA-1:
d5b7f3e75300e5fb17c64c5d5d229de6a7aafd8c

SHA-256:
7958bdaf6524cd3699108b98b707026776d653c73c8ef5310d5db6cfd3a6676c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 11:53:55 PM UTC

File size:
322.3 KB (330,048 bytes)

File type:
Driver (Win64 SYS)

Common path:
C:\Program Files\common files\battleye\bedaisy.sys

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
4/19/2015 8:00:00 PM

Valid to:
6/13/2018 8:00:00 AM

Subject:
CN=Bastian Suter, O=Bastian Suter, L=Tübingen, S=Baden-Württemberg, C=DE

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
07033DEE5ABAFA092E57E090D3A11DE2

File PE Metadata
Compilation timestamp:
9/18/2015 5:56:43 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
6144:SVcZRQQt+hZTf837h3pAWCDq4GQj+nyhhgc4jadgULa9bUv3dkL:ScPtI2haWCT8Vj8cbKI

Entry address:
0x492A5

Entry point:
E9, 59, EC, 03, 00, 48, 89, EC, 0F, B6, E9, 66, 0F, B6, EB, 66, F7, D5, 5D, C3, 66, 81, FA, 28, 4A, E9, E1, BF, FF, FF, 0F, 84, 1E, 88, FF, FF, E9, 07, 21, 00, 00, E9, 96, E6, FF, FF, E9, 10, F8, 03, 00, 0F, 85, FC, 71, FF, FF, 66, 0F, BE, F3, 66, F7, D6, E9, 4C, DC, 03, 00, 0F, 83, CD, 0C, 00, 00, 0F, 82, 7D, D8, FF, FF, 80, FB, 48, F5, 80, FC, 05, E9, 3F, 9A, 03, 00, F9, 38, CA, 48, 3B, 45, F0, E9, 51, FB, FF, FF, F6, D0, F6, D0, 0F, 9B, C0, AC, 80, FF, 86, 80, FD, 41, 3C, 79, 34, 69, F5, C0, C8, 07, 3C...
 

Entropy:
7.8269

Packer / compiler:
Xtreme-Protector v1.05

Code size:
14 KB (14,336 bytes)

Driver
Display name:
BEDaisy

Type:
Kernel device driver (KernelDriver)

