» DaShenAudio.sys
Overview
Analysis
File Details
Behaviors (1)

DaShenAudio.sys

DaShen Audio Filter Driver (DaShen Copyright)

KUNSHAN MOYEA SOFTWARE CO.,LTD

It runs as a Windows kernel mode device driver named “DaShen Audio Filter Driver (DaShen Copyright)”.

File name:

DaShenAudio.sys

Publisher:

DaShen Development Team (signed by KUNSHAN MOYEA SOFTWARE CO.,LTD)

Product:

DaShen Audio Filter Driver (DaShen Copyright)

Description:

DaShen Virtual Audio Device

Version:

1.0

MD5:

e99f5cb7f18d0196e072e9a5cfddaa11

SHA-1:

7edfe8726ff514ef83deb50af002f9110a08c164

SHA-256:

64e18acab420f955dd7ad3b40902b0ef682d37f9dcac68dff5e24697698a350e

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/5/2024 10:27:42 PM UTC (today)

File size:

29.5 KB (30,232 bytes)

Product version:

1.0

Original file name:

DaShenAudio.sys

File type:

Driver (Win32 SYS)

Language:

English (United States)

Common path:

C:\Windows\System32\drivers\dashenaudio.sys

Digital Signature

Signed by:

KUNSHAN MOYEA SOFTWARE CO.,LTD

Authority:

GlobalSign nv-sa

Valid from:

6/29/2011 7:35:41 PM

Valid to:

6/29/2012 7:35:41 PM

Subject:

CN="KUNSHAN MOYEA SOFTWARE CO.,LTD", OU=Development Department, O="KUNSHAN MOYEA SOFTWARE CO.,LTD", L=昆山, S=江苏, C=CN

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121E6E01E5045C70ECF2DA0EC1A571126B8

File PE Metadata

Compilation timestamp:

6/30/2011 7:19:29 PM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

384:e6ThxcrKeImlt6AAgsyfYMJ7gR958Rymk+wtH6898WynXqR8pK5+atHVYvvKEdUT:emvyVgr58Ryt998taRg4+oVxPiXXW

Entry address:

0x705E

Entry point:

8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 98, FF, FF, FF, CC, CC, D0, 70, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 62, 74, 00, 00, 10, 30, 00, 00, C0, 70, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B8, 74, 00, 00, 00, 30, 00, 00, 74, 71, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 9C, 75, 00, 00, B4, 30, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 90, 74, 00, 00, 7C, 74, 00, 00, A4, 74, 00, 00, 00, 00, 00, 00, EE, 71, 00, 00, FE, 71, 00, 00, 0A, 72, 00, 00, 22, 72... 
[+]

Entropy:

6.4874

Code size:

15 KB (15,360 bytes)

Driver

Display name:

DaShen Audio Filter Driver (DaShen Copyright)

Service name:

DaShenAudio_simple

Type:

Kernel device driver (KernelDriver)

Scan DaShenAudio.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.