» eslwireacd.sys
Overview
Analysis
File Details
Behaviors (1)

eslwireacd.sys

EslWireACD

Turtle Entertainment GmbH

It runs as a Windows 64-bit kernel mode device driver named “ESLWireAC”.

File name:

eslwireacd.sys

Publisher:

<Turtle Entertainment> (signed by Turtle Entertainment GmbH)

Product:

EslWireACD

Version:

1.0.0.5312

MD5:

340ef66d3051fd46ec7e0958c7be742e

SHA-1:

1a579f2ff7a86ff8e3c9c9d0af8638e1af5df22e

SHA-256:

4216f1cc56392cec625c3d99c9b8b02a820e67b3ab9bdda51a6af5f3fb14acc3

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/7/2024 4:59:38 PM UTC (today)

File size:

173 KB (177,168 bytes)

Product version:

1.0

Original file name:

EslWireACD

File type:

Driver (Win64 SYS)

Language:

Language Neutral

Common path:

C:\Windows\System32\drivers\eslwireacd.sys

Digital Signature

Signed by:

Turtle Entertainment GmbH

Authority:

GlobalSign nv-sa

Valid from:

9/29/2011 5:19:37 PM

Valid to:

12/27/2014 10:17:59 AM

Subject:

CN=Turtle Entertainment GmbH, OU=Desktop Software Development, O=Turtle Entertainment GmbH, L=Cologne, S=NRW, C=DE

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11211D81E9C09273DF1A6E9A05931416F400

File PE Metadata

Compilation timestamp:

7/25/2013 2:09:28 PM

OS version:

6.1

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

3072:1bny8JAxn73YahOLLt+eLnU3/x6N/wivP9IV3VuA23aXvAd+zTG6RXWz7aMQv9JP:1by8JAxPO1+r/M5JB3E9zT9sz7BQv9JP

Entry address:

0x8E1C9

Entry point:

E9, EE, 0D, 00, 00, 0F, 83, 87, 9D, 01, 00, F9, 66, 39, C2, 31, C0, E9, 5E, 7C, 01, 00, 0F, 87, E0, 83, 01, 00, 66, 0F, B6, F3, 66, 0F, B6, F0, 66, 0F, BE, F1, 0F, B6, F0, 5E, E9, A2, 8E, 01, 00, F9, 48, 81, FF, ED, 30, A4, B6, 09, C9, E9, 25, A4, FF, FF, 0F, 84, 38, B1, 01, 00, 48, 8D, 34, C5, 97, 10, E1, B3, 66, BF, 02, 63, 66, BE, 1A, 32, 48, 8B, 7D, 10, 66, 0F, BE, F3, E9, E0, EF, 01, 00, 00, 00, 4F, 62, 52, 65, 66, 65, 72, 65, 6E, 63, 65, 4F, 62, 6A, 65, 63, 74, 42, 79, 48, 61, 6E, 64, 6C, 65, 00, 0F... 
[+]

Entropy:

7.7449

Packer / compiler:

Xtreme-Protector v1.05

Code size:

33 KB (33,792 bytes)

Driver

Display name:

ESLWireAC

Type:

Kernel device driver (KernelDriver)

Scan eslwireacd.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.