eslwireacd.sys

EslWireACD

Turtle Entertainment GmbH

It runs as a Windows 64-bit kernel mode device driver named “ESLWireAC”.

Publisher:
<Turtle Entertainment> (signed by Turtle Entertainment GmbH)

Product:
EslWireACD

Version:
1.0.0.6036

MD5:
a2e99a75fa2505cdc02360dc033656b0

SHA-1:
0eecb84601b9affd6a624bf102a65f736a496e17

SHA-256:
bbb676fd508db1f650ce07bb67c80cf491aff15033f59e152fa644bc1d657b45

Scanner detections:
8 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/1/2024 3:02:40 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Avira AntiVirus | TR/Trash.Gen | 7.11.30.172 |
| AVG | Win32/Patched | 2016.0.2918 |
| Bkav FE | W64.HfsAutoA | 1.3.0.6979 |
| Fortinet FortiGate | W32/Obfuscated.C!tr | 11/21/2015 |
| IKARUS anti.virus | Win32.Patched | t3scan.1.8.6.0 |
| McAfee | Artemis!A1E2BCC1B7A9 | 5600.6574 |
| Trend Micro House Call | Suspicious_GEN.F47V0204 | 7.2.325 |
| VIPRE Antivirus | Trojan.Win32.Generic | 37732 |

File size:
96.8 KB (99,104 bytes)

Product version:
1.0

Copyright:
Copyright © 2010

Original file name:
EslWireACD

File type:
Driver (Win64 SYS)

Common path:
C:\Windows\System32\drivers\eslwireacd.sys

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
1/8/2015 4:02:22 PM

Valid to:
4/8/2016 5:02:22 PM

Subject:
CN=Turtle Entertainment GmbH, O=Turtle Entertainment GmbH, L=Cologne, S=NRW, C=DE

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121CA414E26A79FC3D34553A430BC8FEFAD

File PE Metadata
Compilation timestamp:
11/17/2015 1:43:34 PM

OS version:
6.2

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
11.0

CTPH (ssdeep):
1536:CTdcmau7A3BllPXM7s5TZb3BBXxQenIayW+KuMZUAgvFgOZXJGNTb3lZlSgpeb7p:6cX9laaZb3BBhXyWOv6Op4Jb1HoAGaE/

Entry address:
0x5B571

Entry point:
E9, B0, 54, 00, 00, 0F, 84, 9D, 86, 00, 00, 48, 0F, CA, 48, 8D, 53, 08, 48, 0F, B6, F2, 66, 89, CF, 48, 8B, 7D, 10, 66, 0F, B6, F2, 48, 8D, 35, 40, FB, FF, FF, E9, D8, 38, 00, 00, 91, 89, 28, B7, 5F, 69, E0, FF, 9A, 45, 64, 7B, BE, 21, 40, 9F, 02, DD, EC, F3, 76, 69, 18, C7, 3F, 89, C8, 17, 1F, A9, E0, FF, A7, 21, 5D, 6B, 56, 89, E8, D8, 62, A1, 4F, 97, 39, 17, F2, 71, 99, F8, DE, EA, 9F, 40, 99, 83, B8, E4, 0D, 0F, 24, 78, 49, D3, AE, 6E, 33, E9, B0, 6C, AF, 67, 24, 78, C3, 53, 00, 9C, 0D, 0F, 7C, 9A, 5F...
 

Entropy:
7.3797

Packer / compiler:
Xtreme-Protector v1.05

Code size:
18 KB (18,432 bytes)

Driver
Display name:
ESLWireAC

Type:
Kernel device driver (KernelDriver)


Scan eslwireacd.sys - Powered by Reason Core Security