home

dvrs.sys

Kasherlab Technology Inc.

Publisher:
Kasherlab Technology Inc.  (signed and verified)

MD5:
1cbea0658a318c4ea822b4c7fe632574

SHA-1:
4ce71abaaa21072ad138f6f59aee57ee5ae76dc4

SHA-256:
3fb7aae94d1adc99b93c559a8a18065a6696c043aa7f62a99b0ff8a849671735

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/23/2024 11:55:15 PM UTC  (a few moments ago)

File size:
46.6 KB (47,768 bytes)

File type:
Driver (Win64 SYS)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\pci_en\driver\amd64\dvrs.sys

Digital Signature
Signed by:
Kasherlab Technology Inc.

Authority:
VeriSign, Inc.

Valid from:
5/14/2014 2:00:00 AM

Valid to:
6/7/2015 1:59:59 AM

Subject:
CN=Kasherlab Technology Inc., OU=R&D, O=Kasherlab Technology Inc., L=Beijing, S=BeiJjing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0EBCE6D8DFC7769CB7DE582B0B14D92D

File PE Metadata
Compilation timestamp:
9/16/2014 10:56:17 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
10.0

CTPH (ssdeep):
768:00EtOtjqzgH8WqwgCCM0rHCTI8jLfQB4mSjPyK3mzSjVmIEWmod:BZDHqwGHLYJjrQAjFWujVetod

Entry address:
0x9000

Entry point:
48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8B, DA, 48, 8B, F9, 33, D2, B1, 01, FF, 15, 96, 10, 00, 00, 84, C0, 75, 10, B8, 01, 00, 00, C0, 48, 8B, 5C, 24, 30, 48, 83, C4, 20, 5F, C3, 0F, B7, 13, B9, 01, 00, 00, 00, 48, 83, C2, 02, FF, 15, 50, 10, 00, 00, 48, 89, 05, 79, 26, 00, 00, 48, 85, C0, 75, 10, B8, 9A, 00, 00, C0, 48, 8B, 5C, 24, 30, 48, 83, C4, 20, 5F, C3, 0F, B7, 03, 48, 8D, 0D, 52, 26, 00, 00, 48, 8B, D3, 66, 83, C0, 02, 66, 89, 05, 46, 26, 00, 00, FF, 15, 3E, 10, 00, 00, 48, 8B, 47, 30, 48, 8B...
 
[+]

Code size:
30.5 KB (31,232 bytes)

Scan dvrs.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.