emtpw.sys

winio

Fuzhou TianxiaChuangshi Digital Co.,Ltd.

Publisher:
vrBrothers Software.   (signed by Fuzhou TianxiaChuangshi Digital Co.,Ltd.)

Product:
winio

Description:
QMacro's driver simulator module.

Version:
6, 8, 8, 6436

MD5:
bfa95ed96022a2500510a1c8d64ac8ba

SHA-1:
886386d350ef748e834118a5fb10cfcb3f53cb2d

SHA-256:
06770649cc4e1b2f9d1444143bd5ee50a21971af6e1b52f1c37879024768e8a8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
2/2/2017 1:04:10 AM UTC  (ten months ago)

File size:
28.5 KB (29,216 bytes)

Product version:
6, 8, 8, 6436

Copyright:
(C)2001-2010 vrBrothers Software. All rights reserved.

Original file name:
winio.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Program Files\amj.exe\emtpw.sys

Digital Signature
Authority:
WoSign, Inc.

Valid from:
1/13/2010 8:00:00 AM

Valid to:
1/14/2011 7:59:59 AM

Subject:
CN="Fuzhou TianxiaChuangshi Digital Co.,Ltd.", OU=Class 3 - for Microsoft Authenticode Signing, O="Fuzhou TianxiaChuangshi Digital Co.,Ltd.", L=Fuzhou, S=Fujian, C=CN

Issuer:
CN=WoSign Code Signing Authority, O="WoSign, Inc.", C=US

Serial number:
03B3E80789FEE6ABE93DD972817E53F8

File PE Metadata
Compilation timestamp:
4/1/2010 5:58:28 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
6.0

Entry address:
0x2460

Entry point:
55, 8B, EC, 83, EC, 14, C7, 45, FC, 00, 00, 00, 00, 6A, 00, 8D, 45, F0, 50, 8D, 4D, F4, 51, 8D, 55, F8, 52, E8, B6, 19, 00, 00, 83, 7D, F8, 05, 75, 22, 83, 7D, F4, 00, 75, 0C, C7, 05, D8, 61, 01, 00, 01, 00, 00, 00, EB, 10, 83, 7D, F4, 01, 75, 0A, C7, 05, D8, 61, 01, 00, 02, 00, 00, 00, 68, 4C, 60, 01, 00, 68, 30, 62, 01, 00, FF, 15, 1C, 40, 01, 00, 68, 28, 60, 01, 00, 68, 28, 62, 01, 00, FF, 15, 1C, 40, 01, 00, 68, 28, 62, 01, 00, 68, 30, 62, 01, 00, E8, 09, 16, 00, 00, 8D, 45, FC, 50, 6A, 00, 6A, 00, 68...
 
[+]

Entropy:
6.2260

Developed / compiled with:
Microsoft Visual C++

Code size:
12 KB (12,288 bytes)

Scan emtpw.sys - Powered by Reason Core Security