home

entvpn.sys

UserGate

Entensys, Corp.

It runs as a Windows 64-bit kernel mode device driver named “Driver for Entensys VPN Device”.
Publisher:
Entensys  (signed by Entensys, Corp.)

Product:
UserGate

Description:
Entensys VPN driver

Version:
6, 4, 0, 0

MD5:
11e73bada26335368e518d111f8ff1eb

SHA-1:
b30e15c9ddc214919d7afc4dd7a4b76ec35f4ea6

SHA-256:
d0497d432d416db6d965796481283eae11e065cf0a159aaf5a65da3bd260d689

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/3/2024 9:25:38 AM UTC  (today)

File size:
41.2 KB (42,176 bytes)

Product version:
6, 4, 0, 0

Copyright:
Copyright (c) Entensys 2001-2010

Original file name:
entvpn.sys

File type:
Driver (Win64 SYS)

Common path:
C:\Windows\System32\drivers\entvpn.sys

Digital Signature
Signed by:
Entensys, Corp.

Authority:
VeriSign, Inc.

Valid from:
2/21/2014 2:00:00 AM

Valid to:
3/23/2016 1:59:59 AM

Subject:
CN="Entensys, Corp.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Entensys, Corp.", L=Road Town, S=Tortola, C=VG

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
75879C7AAD806EE693396654131C305C

File PE Metadata
Compilation timestamp:
11/26/2014 7:28:31 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
768:tEY+C5UHo/IoLxpRsIlASDN3X9nq/FDkXeYZvmX2:wo37N41WeYZvw2

Entry address:
0xD064

Entry point:
48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 86, 3F, FF, FF, CC, CC, 40, D1, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 1C, D4, 00, 00, 80, 80, 00, 00, C0, D0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B0, D5, 00, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 7C, D5, 00, 00, 00, 00, 00, 00, 64, D5, 00, 00, 00, 00, 00, 00, 3C, D5, 00, 00, 00, 00, 00, 00, 2E, D5, 00, 00, 00, 00, 00, 00, 18, D5, 00, 00...
 
[+]

Code size:
27 KB (27,648 bytes)

Driver
Display name:
Driver for Entensys VPN Device

Service name:
EntenSysVPN

Type:
Kernel device driver (KernelDriver)

Group:
NDIS


Scan entvpn.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.