home

bzhookdrv32.sys

Trustware 101 Ltd.

Publisher:
Trustware 101 Ltd.  (signed and verified)

MD5:
9162e7971389e147e8b9f50a95992729

SHA-1:
0ea1be2a4eceeb574790b035aa551196b234b9e6

SHA-256:
ac96ce2ef45ab25a91d897c521827daa2a5304193c78fda2967c29e55f7d65a2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 5:58:07 AM UTC  (today)

File size:
42.8 KB (43,808 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\windows\syswow64\drivers\bzhookdrv32.sys

Digital Signature
Signed by:
Trustware 101 Ltd.

Authority:
GlobalSign nv-sa

Valid from:
11/6/2012 4:16:01 AM

Valid to:
12/27/2014 4:00:38 AM

Subject:
CN=Trustware 101 Ltd., O=Trustware 101 Ltd., L=Tel Aviv, S=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112151340D1959436EE08243F47C02603872

File PE Metadata
Compilation timestamp:
3/13/2013 7:26:22 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
768:IrhNgcEp499e36rsuxMOx0DrAK/1QZ2VGixn:olEpersax/ixn

Entry address:
0xCA0

Entry point:
55, 8B, EC, 8B, 45, 08, 50, E8, 84, 65, 00, 00, 0F, B6, C8, 85, C9, 75, 07, B8, 01, 00, 00, C0, EB, 7D, 8B, 55, 08, C7, 42, 38, 70, 0C, 01, 00, 8B, 45, 08, C7, 40, 40, 70, 0C, 01, 00, 8B, 4D, 08, C7, 41, 70, 90, 0B, 01, 00, E8, C3, 56, 00, 00, 0F, B6, D0, 85, D2, 74, 0A, 8B, 45, 08, C7, 40, 34, 60, 0B, 01, 00, 8B, 4D, 08, 51, E8, F9, FC, FF, FF, 0F, B6, D0, 85, D2, 75, 07, B8, 01, 00, 00, C0, EB, 32, 6A, 00, 68, 30, 0B, 01, 00, FF, 15, 78, 02, 01, 00, 85, C0, 74, 1A, 8B, 45, 08, C7, 40, 34, 00, 00, 00, 00...
 
[+]

Entropy:
6.5588

Developed / compiled with:
Microsoft Visual C++

Code size:
33.9 KB (34,688 bytes)

Scan bzhookdrv32.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.