» eslwireacd.sys
Overview
Analysis
File Details
Behaviors (1)

eslwireacd.sys

EslWireACD

Turtle Entertainment GmbH

It runs as a Windows 64-bit kernel mode device driver named “ESLWireAC”.

File name:

eslwireacd.sys

Publisher:

<Turtle Entertainment> (signed by Turtle Entertainment GmbH)

Product:

EslWireACD

Version:

1.0.0.6029

MD5:

3bb51687d1c245dcfffc6473b3e8bf58

SHA-1:

5501bed0b2d0806bee738a02ecf8b0fad493976e

SHA-256:

37ca02fc58e6d67cd6e342424cdbfcbec09b67b521fb621e1e9082f48df4354a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/1/2024 1:18:39 AM UTC (today)

File size:

90.3 KB (92,448 bytes)

Product version:

1.0

Original file name:

EslWireACD

File type:

Driver (Win64 SYS)

Common path:

C:\Windows\System32\drivers\eslwireacd.sys

Digital Signature

Signed by:

Turtle Entertainment GmbH

Authority:

GlobalSign nv-sa

Valid from:

1/8/2015 4:02:22 PM

Valid to:

4/8/2016 5:02:22 PM

Subject:

CN=Turtle Entertainment GmbH, O=Turtle Entertainment GmbH, L=Cologne, S=NRW, C=DE

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121CA414E26A79FC3D34553A430BC8FEFAD

File PE Metadata

Compilation timestamp:

11/9/2015 10:09:22 AM

OS version:

6.2

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

11.0

CTPH (ssdeep):

1536:EiD6n+PbkboPR0FvQF1J4JBV3VPGit76kmZGVa7LK9Rh0UCZOWUw:imb7qw/4JBphGO79VWLGqOWx

Entry address:

0x5DDE8

Entry point:

E9, B2, B5, FF, FF, E9, 7A, 9B, FF, FF, E9, A5, 4B, 00, 00, 10, 92, 2C, DE, 20, D7, B8, 34, 23, 07, FB, 25, 00, 4C, 63, 17, 3E, EA, 41, FD, D8, EC, 53, 67, DB, D5, 39, 83, 67, C9, 70, EC, 47, F3, 0E, 1A, 75, 29, 14, F0, D4, 06, B1, CD, 31, 83, EE, 92, BD, 01, 78, 97, EC, 50, E4, D3, 1C, 00, 00, DC, 33, 88, 51, 3A, D3, 14, 00, 00, 7F, A9, 1B, 31, 91, 96, 24, F1, AD, 76, 65, A9, A1, 26, B4, 81, 3D, 99, 5D, 62, E6, A2, A1, 91, DA, FE, DF, 86, 84, 11, 87, E9, 30, 2C, E3, DF, EE, 3D, E1, C2, 3E, 7C, 4C, C4, 06... 
[+]

Packer / compiler:

tElock 0.99 - 1.0 private

Code size:

18 KB (18,432 bytes)

Driver

Display name:

ESLWireAC

Type:

Kernel device driver (KernelDriver)

Scan eslwireacd.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.