home

crfilterdrv.sys-r.mbam

RELATED DEALS LLC

The file crfilterdrv.sys-r.mbam by RELATED DEALS has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
RELATED DEALS LLC  (signed and verified)

MD5:
49ba6a5cbf3941de119a692b8070e134

SHA-1:
42487737caa4db39932d4aa6e6a6301fe0a75b31

SHA-256:
27170a87e2485be74b9d10fc5e54105fd3fc6c3a9ec4443f696bb4f80353360b

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
5/17/2024 4:45:10 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.BR Software.RELATEDD (M)
16.4.11.20

File size:
56.8 KB (58,184 bytes)

Common path:
C:\ProgramData\malwarebytes\malwarebytes anti-malware\crfilterdrv.sys-r.mbam

Digital Signature
Signed by:
RELATED DEALS LLC

Authority:
GoDaddy.com, Inc.

Valid from:
2/25/2015 10:51:38 PM

Valid to:
1/20/2016 5:32:40 PM

Subject:
CN=RELATED DEALS LLC, O=RELATED DEALS LLC, L=Lewes, S=Delaware, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
073A65AF7269B72C

File PE Metadata
Compilation timestamp:
7/30/2015 3:49:20 AM

OS version:
6.2

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
11.0

CTPH (ssdeep):
768:wR08jbr2N9g0ujbGcVET7+toNvQrL6adf6R0L2aCHSidMImI0uX/XGwkyz:wNr2bluXUKfTx6R0LBHIvX/2Pyz

Entry address:
0x9D30

Entry point:
48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8B, DA, 48, 8B, F9, E8, C3, 42, 00, 00, 48, 8B, D3, 48, 8B, CF, 48, 8B, 5C, 24, 30, 48, 83, C4, 20, 5F, E9, 12, DB, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, 99, 23, 00, 00, 75, 12, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 03, C2, 00, 00, 48, C1, C9, 10, E9, 08, 00, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, B9, 02, 00, 00, 00, CD, 29, CC, CC, CC, CC, CC, CC, CC, CC, CC, B9, 08, 00, 00, 00, CD, 29, CC...
 
[+]

Code size:
41 KB (41,984 bytes)

Remove crfilterdrv.sys-r.mbam - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.