home

elrawdski64.sys

RawDisk

EldoS Corporation

Publisher:
EldoS Corporation  (signed and verified)

Product:
RawDisk

Description:
RawDisk Driver. Allows write access to files and raw disk sectors for user mode applications in Windows 2000, XP, 2003, Vista, 2008.

Version:
2, 1, 21, 86

MD5:
80b7da1ea86003621c76f3a219217080

SHA-1:
08efa016657536d20844c550773b7b1a8568d1ad

SHA-256:
5f0dc75d41cedd62a1418985ddb26ef3fbbedb7f00a66a1cf7ad57aef11e6a48

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 9:09:20 AM UTC  (today)

File size:
49.5 KB (50,648 bytes)

Product version:
2, 1, 21, 0

Copyright:
Copyright (C) 2007-2008, EldoS Corporation

Original file name:
elrawdsk.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Program Files\briggs softworks\directory snoop\elrawdski64.sys

Digital Signature
Signed by:
EldoS Corporation

Authority:
GlobalSign nv-sa

Valid from:
1/10/2007 3:20:07 AM

Valid to:
1/10/2010 3:20:07 AM

Subject:
E=info@eldos.com, CN=EldoS Corporation, O=EldoS Corporation, C=VG

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
010000000001100C983A31

File PE Metadata
Compilation timestamp:
8/20/2009 6:05:39 PM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
384:CSHyoQScS1Dfsa/6xxxP6rZ9wY4GSFih6ULlzTtWIIMnRG1p9WtZe85PnBecvVao:CIQPkjixbY48l4B1pW4y5VaVDTewSJiU

Entry address:
0x4020

Entry point:
40, 24, 02, 00, 00, 00, 00, 00, 00, 80, 21, 00, 00, 00, 00, 00, 60, 27, 01, 00, 00, 00, 00, 00, 00, 80, 21, 00, 00, 00, 00, 00, 80, 25, 01, 00, 00, 00, 00, 00, 00, 80, 21, 00, 00, 00, 00, 00, 00, C0, 01, 00, 00, 00, 00, 00, 00, 80, 21, 00, 00, 00, 00, 00, 60, 23, 01, 00, 00, 00, 00, 00, 00, 80, 21, 00, 00, 00, 00, 00, 00, 20, 01, 00, 00, 00, 00, 00, 00, 80, 21, 00, 00, 00, 00, 00, A0, C8, 01, 00, 00, 00, 00, 00, 00, 80, 21, 00, 00, 00, 00, 00, 20, 31, 01, 00, 00, 00, 00, 00, 00, 80, 21, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.6819

Code size:
34 KB (34,816 bytes)

Scan elrawdski64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.