» eseadriver2.sys
Overview
Analysis
File Details
Behaviors (1)

eseadriver2.sys

E-Sports Entertainment LLC

It runs as a Windows 64-bit kernel mode device driver named “ESEADriver2”.

File name:

eseadriver2.sys

Publisher:

E-Sports Entertainment LLC (signed and verified)

MD5:

114d6bdc2fe6566cdb355c796d6962f5

SHA-1:

0d7563f69deef5c461e62042f89753a0f611e43e

SHA-256:

a9d8de85f96dd03ac393fe316e8e7a2e96fe3519ebb5b7c56319516eb1408d8b

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/30/2024 3:46:47 AM UTC (today)

File size:

292.9 KB (299,880 bytes)

File type:

Driver (Win64 SYS)

Common path:

C:\users\{user}\appdata\local\temp\eseadriver2.sys

Digital Signature

Signed by:

E-Sports Entertainment LLC

Authority:

DigiCert Inc

Valid from:

7/30/2015 8:00:00 PM

Valid to:

8/8/2018 8:00:00 AM

Subject:

CN=E-Sports Entertainment LLC, O=E-Sports Entertainment LLC, L=Commack, S=New York, C=US, PostalCode=11725, STREET=62 Rensselaer Drive, SERIALNUMBER=3056246, OID.1.3.6.1.4.1.311.60.2.1.2=New York, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization

Issuer:

CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0714C6EEE819B825C85516B7CFD1F2D2

File PE Metadata

Compilation timestamp:

9/25/2015 1:43:51 AM

OS version:

6.1

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

6144:XoxkRp4wiG/SnfDJM0DsgKIbhlHAZuNUayoYllni2D28skg0OqMAjpPtSaOoW+z9:XoxFw9cfDJMctTtlHAZuNUrnU2Z7MAFd

Entry address:

0x7308C

Entry point:

E9, AB, D2, FC, FF, 89, C7, 66, 0F, B6, C9, 0F, C9, E9, A4, E6, FC, FF, 48, 8D, B4, 24, 3F, F6, B4, D1, 66, 0F, BE, F2, 48, 0F, BE, F0, 48, 8D, 35, 2F, F4, FC, FF, E9, 54, DE, FF, FF, E9, DB, 39, 00, 00, E9, 6A, 0E, 00, 00, E9, 09, B2, FC, FF, E9, B4, A9, FC, FF, 00, 00, 4D, 6D, 50, 72, 6F, 62, 65, 41, 6E, 64, 4C, 6F, 63, 6B, 50, 61, 67, 65, 73, 00, E9, F2, 15, 00, 00, 89, 45, E0, F8, 66, 0F, BA, E2, 06, 3D, 04, 00, 00, 00, E9, 51, AB, 00, 00, C1, E7, 08, 38, D3, F8, 01, C7, F8, 48, 0F, A3, F6, E9, C5, 12... 
[+]

Entropy:

7.8626

Packer / compiler:

Xtreme-Protector v1.05

Code size:

35.5 KB (36,352 bytes)

Driver

Display name:

ESEADriver2

Type:

Kernel device driver (KernelDriver)

Group:

Base

Scan eseadriver2.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.