EDesktop1.sys

Virtual Display Driver

AWIND INCORPORATED

It runs as a 64-bit Windows kernel-mode device driver named “Virtual Desktop Serviuces 1”.

Publisher:
WPS (signed by AWIND INCORPORATED)

Product:
Virtual Display Driver

Version:
1.0.6.2637 built by: WinDDK

MD5:
6f1533a78aa7580f9f53daa18c20b516

SHA-1:
433d4e3b1899f94f8ae3d15e8ccabfeeb73a07b7

SHA-256:
876810916b56012c71b2dd4e785fe6c997b2ff39b2e7f31a31411e7bf819c50c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/29/2024 3:11:53 PM UTC

File size:
14.3 KB (14,624 bytes)

Product version:
1.0.6.2637

Copyright:
Copyright (C)? 2010-2011. All rights reserved.

Original file name:
EDesktop1.sys

File type:
Driver (Win64 SYS)

Language:
Language Neutral

Common path:
C:\Windows\System32\drivers\edesktop1.sys

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
10/28/2010 7:00:00 AM

Valid to:
10/29/2011 6:59:59 AM

Subject:
CN=AWIND INCORPORATED, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=AWIND INCORPORATED, L=Taipei, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6120E2CDEE70275AE8E9FEDA9951DD2D

File PE Metadata
Compilation timestamp:
5/23/2011 5:26:16 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
192:T7LC4druNndyHODgh+2WyowJL/cu7RZgjlHnrZc0F+v/r9ZCspE+TMIrtoyJ:T7GnEog42WYJLca6jBlleM2oyJ

Entry address:
0x5064

Entry point:
48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, EE, C1, FF, FF, CC, CC, F0, 50, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 10, 51, 00, 00, 30, 20, 00, 00, C0, 50, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 92, 51, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 7C, 51, 00, 00, 00, 00, 00, 00, 1E, 51, 00, 00, 00, 00, 00, 00, 34, 51, 00, 00, 00, 00, 00, 00, 4C, 51, 00, 00, 00, 00, 00, 00, 66, 51, 00, 00...
 

Entropy:
6.2939

Code size:
2.5 KB (2,560 bytes)

Driver
Display name:
Virtual Desktop Serviuces 1

Service name:
EDesktop1

Type:
Kernel device driver (KernelDriver)

Group:
Video

