home

cpdrvlib.sys

Модуль режима ядра CSP

Crypto-Pro

Publisher:
Компания КРИПТО-ПРО  (signed by Crypto-Pro)

Product:
Модуль режима ядра CSP

Version:
3.9.5869.0

MD5:
67b6c4d87c14eefdafa1dfa9cd96dc82

SHA-1:
ca11828700b94182f055d9ff15c94125da8b1c6e

SHA-256:
6c604c3e806871492212ac9a78a032ccf00c17c947cbb5810630526112989e13

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 1:36:48 AM UTC  (today)

File size:
374.7 KB (383,672 bytes)

Product version:
3.9.5869.0

Copyright:
© Компания КРИПТО-ПРО. Все права защищены.

Original file name:
cpdrvlib.sys

File type:
Driver (Win32 SYS)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\programfiles\crypto pro\csp\cpdrvlib.sys

Digital Signature
Signed by:
Crypto-Pro

Authority:
VeriSign, Inc.

Valid from:
12/24/2013 6:00:00 AM

Valid to:
12/25/2014 5:59:59 AM

Subject:
CN=Crypto-Pro, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Crypto-Pro, L=Moscow, S=Moscow, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
13DA153426C7F114F3917FC4C2C4459F

File PE Metadata
Compilation timestamp:
10/21/2014 6:14:01 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
6144:9jvv3aaBNxrjTvFXSP1I4ae3La4krIofwViYW+qeKnZTjKzUz0Vyv96s7j:Z3z1/8K4Z7a4+/VF+6ZTW80+6Y

Entry address:
0x5D1A5

Entry point:
8B, FF, 55, 8B, EC, E8, C2, FF, FF, FF, 5D, E9, 4B, FE, FF, FF, CC, CC, CC, FC, D1, 05, 00, 00, 00, 00, 00, 00, 00, 00, 00, BE, D4, 05, 00, 08, 20, 05, 00, F4, D1, 05, 00, 00, 00, 00, 00, 00, 00, 00, 00, E0, D4, 05, 00, 00, 20, 05, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, CC, D4, 05, 00, 00, 00, 00, 00, A0, D2, 05, 00, B8, D2, 05, 00, C4, D2, 05, 00, E0, D2, 05, 00, F8, D2, 05, 00, 10, D3, 05, 00, 32, D3, 05, 00, 50, D3, 05, 00, 68, D3, 05, 00, 80, D3, 05, 00, 98...
 
[+]

Code size:
325 KB (332,800 bytes)

Scan cpdrvlib.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.