» dxsoftio.sys
Overview
Analysis
File Details
Behaviors (1)

dxsoftio.sys

Sergei Podstrigailo

It runs as a Windows kernel mode device driver named “DXSOFTIO”.

File name:

dxsoftio.sys

Publisher:

Sergei Podstrigailo (signed and verified)

MD5:

14c55dd3bcca998fd6ac874a72a2ceb0

SHA-1:

a47482e5e295abb2d590247b8ac0457812f81690

SHA-256:

57eddfe7d43f42abcfbb11039ecc3705fcc23645684284a7c6826d679b668fd5

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/19/2024 8:19:56 AM UTC (today)

File size:

7.4 KB (7,616 bytes)

File type:

Driver (Win32 SYS)

Common path:

C:\Windows\System32\drivers\dxsoftio.sys

Digital Signature

Signed by:

Sergei Podstrigailo

Authority:

The USERTRUST Network

Valid from:

12/23/2009 8:00:00 AM

Valid to:

12/24/2010 7:59:59 AM

Subject:

CN=Sergei Podstrigailo, O=Sergei Podstrigailo, STREET="Voskhod, 18 - 56", L=Novosibirsk, S=NSO, PostalCode=630102, C=RU

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

4C1D22AA6E864FC4D1BC74FBABFDBBED

File PE Metadata

Compilation timestamp:

11/22/2000 4:47:11 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

5.12

CTPH (ssdeep):

96:U0im91OllIfVX7nR0hQ39J/vcPzSM8HZE4ZZl7yMhxjtIwZ4OTPu8bRhg23PQuDq:Ut2LnRz95g38nyMTCMPg2YusWy

Entry address:

0x2CE

Entry point:

55, 8B, EC, 83, EC, 14, 83, 65, FC, 00, 56, 57, 8B, 3D, FC, 09, 01, 00, 8D, 45, F4, 68, 80, 0A, 01, 00, 50, FF, D7, 8B, 75, 08, 8D, 45, FC, 50, 6A, 01, 6A, 00, 8D, 45, F4, 68, 00, 80, 00, 00, 50, 6A, 2D, 56, FF, 15, F0, 09, 01, 00, 85, C0, 7C, 58, B8, 6C, 03, 01, 00, 68, A4, 0A, 01, 00, 89, 46, 70, 89, 86, 80, 00, 00, 00, 89, 46, 40, 89, 46, 38, 8D, 45, EC, C7, 46, 34, A0, 02, 01, 00, 50, FF, D7, 8D, 45, F4, 50, 8D, 45, EC, 50, FF, 15, EC, 09, 01, 00, 8B, F0, 85, F6, 7D, 0D, FF, 75, FC, FF, 15, E8, 09, 01... 
[+]

Entropy:

6.6772

Developed / compiled with:

Microsoft Visual C++

Code size:

2.2 KB (2,272 bytes)

Driver

Display name:

DXSOFTIO

Type:

Kernel device driver (KernelDriver)

Group:

Extended Base

Scan dxsoftio.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.