demb9e9.tmp

EslWireACD

Turtle Entertainment GmbH

It runs as a Windows 64-bit kernel mode device driver named “ESLWireAC”.
Publisher:
<Turtle Entertainment> (signed by Turtle Entertainment GmbH)

Product:
EslWireACD

Version:
1.0.0.5629

MD5:
95e849fd668cd44abbea90ee8be6dd25

SHA-1:
809b53f7367b69cc4ace281aefe4ec8eb3e9e8b6

SHA-256:
848c1842c442b68be2a8dede7895a02d2c942e15a3dddeca7ff735af7d3929a8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 12:55:41 AM UTC

File size:
133.1 KB (136,328 bytes)

Product version:
1.0

Copyright:
Copyright © 2010

Original file name:
EslWireACD

Common path:
C:\users\{user}\appdata\local\temp\demb9e9.tmp

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
9/29/2011 6:19:37 PM

Valid to:
12/27/2014 11:17:59 AM

Subject:
CN=Turtle Entertainment GmbH, OU=Desktop Software Development, O=Turtle Entertainment GmbH, L=Cologne, S=NRW, C=DE

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11211D81E9C09273DF1A6E9A05931416F400

File PE Metadata
Compilation timestamp:
11/13/2014 4:41:20 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
1536:WmlbT4c01+2/qOz8t5u+Hh0cZitMQZcB9nhOaTWwpipKdn+V/5+Qh2xwYlK1hLYk:0U2/L8tEZc/LTWrF+i8BQLt3D5B

Entry address:
0x8D770

Entry point:
E9, F6, 96, FF, FF, 0F, B7, 0C, 4F, E9, F6, CC, FE, FF, 0F, 83, AF, 8C, FF, FF, E9, 01, D4, FE, FF, 0F, 84, 31, 82, FF, FF, F8, F5, 2C, 30, F9, 84, D5, 3C, 09, E9, F3, AB, FF, FF, E9, C6, 8A, FF, FF, 48, 83, C6, 01, F8, 0F, BA, E3, 07, 66, 0F, BA, E2, 0F, F5, 48, 83, C7, 01, E9, 43, 85, FF, FF, FE, CA, F8, E9, 12, D4, FE, FF, 11, C9, E9, 89, 62, 00, 00, E9, D5, DA, FF, FF, E9, 04, FF, FF, FF, E9, 1E, CE, FE, FF, E9, 4C, F6, FF, FF, E9, 50, B0, FF, FF, F6, C2, 08, 66, 81, F9, 6C, 7F, 84, C0, E9, 3D, 5F, 00...
 

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
39.5 KB (40,448 bytes)

Driver
Display name:
ESLWireAC

Type:
Kernel device driver (KernelDriver)

