home

CAPTURE.SYS

Capture Driver

JinHu

It runs as a Windows 64-bit kernel mode device driver named “Active Capture Driver”.
Publisher:
Active Network CO., LTD  (signed by JinHu)

Product:
Capture Driver

Version:
5.0.2013.416

MD5:
7c996953a4d03b402ee033dd573467b2

SHA-1:
62be05d1c8a350b88faddfaf4d42700bbc927f54

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 1:27:18 PM UTC  (today)

File size:
25.5 KB (26,120 bytes)

Product version:
5.0

Copyright:
Copyright (C) Active Network CO., LTD

Original file name:
CAPTURE.SYS

File type:
Driver (Win64 SYS)

Language:
Language Neutral

Common path:
C:\Windows\System32\drivers\capture.sys

Digital Signature
Signed by:
JinHu

Authority:
GlobalSign nv-sa

Valid from:
5/2/2013 4:32:29 AM

Valid to:
5/3/2014 4:32:29 AM

Subject:
CN=JinHu, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11216B4B5EED299EE01BEB65F3DBCE064933

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
384:3nT6vM0E3ePeWV1+l1AY9mm49K9utevU0tdFB7FdRqo2n2K/5LPLQdUb+T+K6s:3T6h+WO1mmr9uzQdFfl22+Fi/h

Driver
Display name:
Active Capture Driver

Service name:
Capture

Type:
Kernel device driver (KernelDriver)


Scan CAPTURE.SYS - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.