eslwireacd.sys

EslWireACD

Turtle Entertainment GmbH

It runs as a Windows 64-bit kernel mode device driver named “ESLWireAC”.
Publisher:
<Turtle Entertainment>  (signed by Turtle Entertainment GmbH)

Product:
EslWireACD

Version:
1.0.0.5984

MD5:
ad87ae253ec49d7c03db79b7f49973d6

SHA-1:
b6826d5f0cca6f4902f2c0d28776520f1c375b61

SHA-256:
0f1fa0a995bd9928f2a9999d87cc511ae359da4278045f9565bce6aa5e481581

Scanner detections:
6 / 68

Status:
Clean  (6 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware free.

Analysis date:
5/1/2024 12:25:37 AM UTC

Scan engine             Detection                 Engine version
AVG                     Win32/Patched             2016.0.3075
Fortinet FortiGate      W32/Obfuscated.C!tr       6/17/2015
IKARUS anti.virus       Win32.Patched             t3scan.1.8.6.0
McAfee                  Generic Obfuscated.c      5600.6731
Trend Micro House Call  Suspicious_GEN.F47V0204   7.2.168
VIPRE Antivirus         Trojan.Win32.Generic      37732

File size:
104.3 KB (106,784 bytes)

Product version:
1.0

Copyright:
Copyright © 2010

Original file name:
EslWireACD

File type:
Driver (Win64 SYS)

Language:
Turkish (Turkey)

Common path:
C:\Windows\System32\drivers\eslwireacd.sys

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
1/8/2015 5:02:22 PM

Valid to:
4/8/2016 6:02:22 PM

Subject:
CN=Turtle Entertainment GmbH, O=Turtle Entertainment GmbH, L=Cologne, S=NRW, C=DE

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121CA414E26A79FC3D34553A430BC8FEFAD

File PE Metadata
Compilation timestamp:
6/3/2015 12:05:46 PM

OS version:
6.2

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
11.0

CTPH (ssdeep):
3072:PvQm81zHiJWmTSO4ivqiAZfTHo0If6RNVIwRU/f:HQm8LvPivqFZflUcPUn

Entry address:
0x562BD

Entry point:
E9, 63, 48, 00, 00, E9, 37, 02, 01, 00, AA, F6, D3, B3, 02, E9, AF, 09, 01, 00, FE, 8A, D9, 75, 51, D5, A0, 61, 3F, CF, FB, 84, 67, 17, C3, 45, 9F, AD, 88, FC, 0A, B7, 2B, 1D, 5A, A4, DC, E2, 85, F2, D7, E4, 8B, 3C, 4C, 35, CB, 3F, E2, D1, 51, 21, 7B, 86, 0F, 38, 48, B3, AF, 89, F0, 15, 78, 3B, F8, 1C, 52, F1, 1E, 44, 5E, BE, F9, 72, 1A, F7, AA, 94, B3, C8, 58, E3, 4A, E9, 93, 42, 1F, 70, 99, 25, 01, 73, B4, 49, 24, 90, 70, 99, 5F, 42, 41, 2A, 29, 45, 4E, 7F, ED, D7, 96, 44, 06, F3, 9B, 24, 1E, D0, 2B, AD...
 

Packer / compiler:
Xtreme-Protector v1.05

Code size:
18 KB (18,432 bytes)

Driver
Display name:
ESLWireAC

Type:
Kernel device driver (KernelDriver)

