home

crashreport.sys

Shanghai Hintsoft Co., Ltd

It runs as a Windows kernel mode device driver named “crashReport”.
Publisher:
Shanghai Hintsoft Co., Ltd  (signed and verified)

MD5:
00fef1587299dce935e70fc9d470767b

SHA-1:
b726bae6228ff4d9894d59dbea9a7c1e88cb7d6c

SHA-256:
cd957dc41d814f3e20d48594777aa7e86ae81191d61c5c29b92ff73d94fcb49f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/8/2024 9:13:41 PM UTC  (today)

File size:
42.9 KB (43,888 bytes)

File type:
Driver (Win32 SYS)

Digital Signature
Signed by:
Shanghai Hintsoft Co., Ltd

Authority:
GlobalSign nv-sa

Valid from:
9/28/2012 5:29:50 PM

Valid to:
9/29/2013 5:29:50 PM

Subject:
CN="Shanghai Hintsoft Co., Ltd", O="Shanghai Hintsoft Co., Ltd", L=Shanghai, S=Shanghai, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121D2E80B0E1E2F6D16E266A53A63D22CE1

File PE Metadata
Compilation timestamp:
7/15/2013 2:39:02 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
768:BJ7NrFn/RtMQrHl1gjI5YHGcbyUgWZOpXaVp8DO4g4+OliHM+1:BJtFn/jMvkOHGcBcpXaVp8y4D+YiHM+1

Entry address:
0x83BE

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 52, 81, FF, FF, CC, CC, 18, 84, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, FA, 88, 00, 00, 0C, 77, 00, 00, 0C, 84, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 2A, 89, 00, 00, 00, 77, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 08, 89, 00, 00, 16, 89, 00, 00, 00, 00, 00, 00, 46, 85, 00, 00, 5A, 85, 00, 00, 72, 85, 00, 00, 84, 85, 00, 00, 96, 85, 00, 00, A0, 85, 00, 00, B6, 85, 00, 00, D0, 85, 00, 00, E4, 85, 00, 00, FA, 85...
 
[+]

Entropy:
6.4039

Code size:
30.1 KB (30,848 bytes)

Driver
Display name:
crashReport

Type:
Kernel device driver (KernelDriver)


Scan crashreport.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.