» DksInet.sys
Overview
Analysis
File Details
Behaviors (1)

DksInet.sys

PC-Wächter

Dr. Kaiser Systemhaus GmbH

It runs as a Windows kernel mode device driver named “DKS Net Filter Treiber”.

File name:

DksInet.sys

Publisher:

Dr. Kaiser Systemhaus GmbH (signed and verified)

Product:

PC-Wächter ®

Description:

Inet Filter Driver

Version:

7, 2, 103, 0

MD5:

5b9c5bbdfdabccdf420761686daef0e5

SHA-1:

a94b57902102418b401098430f5623ec2cfe3c35

SHA-256:

ce087a27e7a53b2e1a75b6ef0c4287203f9e9adf6b086a7eea3326f8475271d3

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 8:10:29 AM UTC (today)

File size:

22.4 KB (22,896 bytes)

Product version:

7, 2, 0, 0

Original file name:

DksInet.sys

File type:

Driver (Win32 SYS)

Language:

German (Germany)

Common path:

C:\Windows\System32\drivers\dksinet.sys

Digital Signature

Signed by:

Dr. Kaiser Systemhaus GmbH

Authority:

GlobalSign nv-sa

Valid from:

7/4/2011 6:33:31 PM

Valid to:

7/4/2014 6:33:31 PM

Subject:

E=info@dr-kaiser.de, CN=Dr. Kaiser Systemhaus GmbH, O=Dr. Kaiser Systemhaus GmbH, C=DE

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11217D93FFCFBBC5050AD0B0A8AC4C8AD3F1

File PE Metadata

Compilation timestamp:

5/27/2013 3:14:57 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

7.10

CTPH (ssdeep):

384:SYIQGiidXUPe1Cmkywb8pK5+nlYhdUb+TIc:SYIQbyUPF0wbg4+lNiTIc

Entry address:

0x1682

Entry point:

55, 8B, EC, 83, EC, 14, 56, 33, F6, 56, 6A, 67, 6A, 02, 6A, 07, 68, 2E, 15, 01, 00, 89, 75, FC, E8, 33, 1A, 00, 00, 83, C4, 14, E8, 37, 1A, 00, 00, 84, C0, 74, 12, 68, 72, 15, 01, 00, E8, 1D, 1A, 00, 00, 59, 33, C0, E9, B0, 00, 00, 00, 53, 57, 8B, 3D, 20, 03, 01, 00, 68, A2, 15, 01, 00, 8D, 45, F4, 50, FF, D7, 8D, 45, FC, 50, 56, 56, 68, 23, 23, 69, 00, 8D, 45, F4, 50, 56, 8B, 75, 08, 56, FF, 15, 5C, 03, 01, 00, 8B, D8, 85, DB, 7C, 3F, B8, 22, 14, 01, 00, 89, 46, 70, 89, 46, 40, 89, 46, 38, 68, C2, 15, 01... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

12.4 KB (12,672 bytes)

Driver

Display name:

DKS Net Filter Treiber

Service name:

DksInet

Type:

Kernel device driver (KernelDriver)

Depends on:

Tcpip

Scan DksInet.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.