» crportio.sys
Overview
Analysis
File Details
Behaviors (1)

crportio.sys

Windows Codename Longhorn DDK driver

Serhiy Katsyuba

It runs as a Windows kernel mode device driver named “crportio”.

File name:

crportio.sys

Publisher:

Windows (R) Codename Longhorn DDK provider (signed by Serhiy Katsyuba)

Product:

Windows (R) Codename Longhorn DDK driver

Description:

Generic Port I/O Driver for 'Corsica' Project

Version:

6.0.6000.16386 built by: WinDDK

MD5:

cc83aed13006df08650e06dd4f0e1051

SHA-1:

109d4d2e9621e1ea2c8a74c014a736d47acc7844

SHA-256:

4dd29ae20adfc5495a36da9a5ebc91e70e6c967062b9bb433f524d112188e612

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/20/2024 1:34:28 AM UTC (today)

File size:

10.8 KB (11,056 bytes)

Product version:

6.0.6000.16386

Original file name:

crportio.sys

File type:

Driver (Win32 SYS)

Language:

English (United States)

Common path:

C:\Program Files\topjtag probe\i386\crportio.sys

Digital Signature

Signed by:

Serhiy Katsyuba

Authority:

GlobalSign nv-sa

Valid from:

2/19/2007 3:31:53 PM

Valid to:

2/19/2008 3:31:53 PM

Subject:

E=skatsyuba@gmail.com, CN=Serhiy Katsyuba, C=UA

Issuer:

CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:

01000000000110DA6A7358

File PE Metadata

Compilation timestamp:

1/2/2008 7:22:45 PM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

8.0

CTPH (ssdeep):

192:7aOeNWB2l4xoZxyowJL/aoxhHoe068jSJUbueqMONW0:mrWol4K3YJLFHJ06dUb+jg0

Entry address:

0x885

Entry point:

8B, FF, 55, 8B, EC, A1, 00, 08, 01, 00, 85, C0, B9, 4E, E6, 40, BB, 74, 04, 3B, C1, 75, 1E, 8B, 15, 20, 07, 01, 00, B8, 00, 08, 01, 00, C1, E8, 08, 33, 02, A3, 00, 08, 01, 00, 75, 07, 8B, C1, A3, 00, 08, 01, 00, F7, D0, A3, 04, 08, 01, 00, 5D, E9, 01, FD, FF, FF, CC, 10, 09, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, EA, 09, 00, 00, 0C, 07, 00, 00, 04, 09, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 1E, 0A, 00, 00, 00, 07, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F8... 
[+]

Code size:

1.1 KB (1,152 bytes)

Driver

Display name:

crportio

Type:

Kernel device driver (KernelDriver)

Scan crportio.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.