home

com0com.sys

Null-modem emulator

Asem SpA

It runs as a Windows 64-bit kernel mode device driver named “com0com - emulates the serial ports interconnected via a null-modem cable”.
Publisher:
Vyacheslav Frolov  (signed by Asem SpA)

Product:
Null-modem emulator

Version:
2.2.2.0

MD5:
0d3a8dcbdc1c7a32935253f92ef16b1d

SHA-1:
448f874e5ca70e0faba67973aedcc1a363d1bf22

SHA-256:
6bd838bda7136a39a6283160a106f8b5036de0ea90d0cafd4f51c0d9d1165c17

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
7/3/2025 5:02:28 AM UTC  (today)

File size:
81.4 KB (83,368 bytes)

Product version:
2.2.2.0

Copyright:
Copyright (c) 2004-2009 Vyacheslav Frolov

Original file name:
com0com.sys

File type:
Driver (Win64 SYS)

Language:
English (United States d'America)

Common path:
C:\Windows\System32\drivers\com0com.sys

Digital Signature
Signed by:
Asem SpA

Authority:
GlobalSign nv-sa

Valid from:
1/9/2012 2:37:24 PM

Valid to:
2/12/2013 2:45:10 PM

Subject:
CN=Asem SpA, O=Asem SpA, L=Artegna, S=Udine, C=IT

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11213CDFC0277EDC8CD9E3B21659F5D84E9D

File PE Metadata
Compilation timestamp:
3/1/2011 11:38:11 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
1536:oG3ICFEmqPNi3lobJAJHu4gB6RRPRztdi8b:o0DF1HtJOZBkBhtZb

Entry address:
0x15064

Entry point:
48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 86, BF, FE, FF, CC, CC, D8, 50, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, F8, 56, 01, 00, 18, 00, 01, 00, C0, 50, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 30, 57, 01, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 06, 57, 01, 00, 00, 00, 00, 00, 1C, 57, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, CE, 52, 01, 00, 00, 00, 00, 00, E0, 52, 01, 00...
 
[+]

Code size:
60.5 KB (61,952 bytes)

Driver
Display name:
com0com - emulates the serial ports interconnected via a null-modem cable

Service name:
com0com

Type:
Kernel device driver (KernelDriver)


Scan com0com.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.