home

defdrv.dll

RITLABS S.R.L.

Publisher:
RITLABS S.R.L.  (signed and verified)

MD5:
33878797a23a9d809fe695f121b2e4b4

SHA-1:
be8726600df1f69fbd559001a84781af04041952

SHA-256:
5da5dae330c60aaf1bc6fefe6f3d853fcc5f599d559406d84c4450a1084a1a51

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 6:18:34 PM UTC  (today)

File size:
540 KB (552,952 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\batpost\drivers\defdrv.dll

Digital Signature
Signed by:
RITLABS S.R.L.

Authority:
Thawte, Inc.

Valid from:
8/21/2012 1:00:00 AM

Valid to:
8/22/2013 12:59:59 AM

Subject:
CN=RITLABS S.R.L., O=RITLABS S.R.L., L=Chisinau, S=Moldova, C=MD

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
39F5849F5E8EA79588C687EEE9368E89

File PE Metadata
Compilation timestamp:
6/19/2013 11:25:21 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:BwQPr/hcaI2jKp3bb9fstLcuNpFaIPzy5eu6Oru4SI:WQPjnkprB0tLcuNpFaQy5efOu4R

Entry address:
0x71B3C

Entry point:
55, 8B, EC, 83, C4, C4, B8, A8, 0B, 47, 00, E8, A4, 52, F9, FF, E8, 03, 31, F9, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5398

Developed / compiled with:
Microsoft Visual C++

Code size:
451 KB (461,824 bytes)

Scan defdrv.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.