home

driverhelper.sys

Fujian NetDragon Computer Network Information Technology Co.,Ltd

It runs as a Windows 64-bit kernel mode device driver named “DriverHelpe”.
Publisher:
Fujian NetDragon Computer Network Information Technology Co.,Ltd  (signed and verified)

MD5:
a54d0b58ce538c5aa416955b2471c741

SHA-1:
e676b60a6352a692efc49d1bf5405052beab04a9

SHA-256:
4ee81c18be810fd7e6dde3213342b66f62f104e5361d7581fab0b0ee2d34fac4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 12:04:01 PM UTC  (today)

File size:
13.3 KB (13,600 bytes)

File type:
Driver (Win64 SYS)

Common path:
C:\Windows\System32\drivers\driverhelper.sys

Digital Signature
Signed by:
Fujian NetDragon Computer Network Information Technology Co.,Ltd

Authority:
VeriSign, Inc.

Valid from:
5/24/2011 8:00:00 AM

Valid to:
5/24/2013 7:59:59 AM

Subject:
CN="Fujian NetDragon Computer Network Information Technology Co.,Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Fujian NetDragon Computer Network Information Technology Co.,Ltd", L=Fuzhou, S=Fujian, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
100B8C7906B918CB6F26781A978C7164

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
192:/HANeZbnYe+PjPBjtlAVr0A+vyr9ZCspE+TMQrMUTTls0:/gUbnYPLhUi7eMU60

Entry point:
55, 8B, EC, 83, E4, F8, 83, EC, 18, 33, C0, 56, 57, 33, FF, 68, 10, 21, 01, 00, 89, 7C, 24, 0C, 89, 44, 24, 10, 89, 44, 24, 14, 89, 44, 24, 18, 89, 44, 24, 1C, 89, 44, 24, 20, E8, 33, C1, FF, FF, 8B, 45, 08, B9, 80, 40, 01, 00, C7, 40, 34, 00, 40, 01, 00, 89, 48, 38, 89, 48, 3C, 89, 48, 40, 89, 48, 44, 89, 48, 48, 89, 48, 4C, 89, 48, 50, 89, 48, 54, 89, 48, 58, 89, 48, 5C, 89, 48, 60, 89, 48, 64, 89, 48, 68, 89, 48, 6C, 89, 48, 70, 89, 48, 74, 89, 48, 78, 89, 48, 7C, 89, 88, 80, 00, 00, 00, 89, 88, 84, 00...
 
[+]

Entropy:
6.5233

Developed / compiled with:
Microsoft Visual C++

Driver
Display name:
DriverHelpe

Service name:
DriverHelper

Type:
Kernel device driver (KernelDriver)

Group:
Boot Bus Extender3


Scan driverhelper.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.