home

eslwireacd.sys

EslWireACD

Turtle Entertainment GmbH

It runs as a Windows 64-bit kernel mode device driver named “ESLWireAC”.
Publisher:
<Turtle Entertainment>  (signed by Turtle Entertainment GmbH)

Product:
EslWireACD

Version:
1.0.0.5853

MD5:
233ad2196606b54a06b2d6c28813abfa

SHA-1:
c1a6ceca291a0d61272624c3a118302d7aa71659

SHA-256:
2f5c13c2074b04380faedf809d9bbf8410986ebed8eecf448aafc4b3c67c8235

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 1:26:05 AM UTC  (today)

File size:
104.1 KB (106,608 bytes)

Product version:
1.0

Copyright:
Copyright © 2010

Original file name:
EslWireACD

File type:
Driver (Win64 SYS)

Language:
Language Neutral

Common path:
C:\Windows\System32\drivers\eslwireacd.sys

Digital Signature
Signed by:
Turtle Entertainment GmbH

Authority:
GlobalSign nv-sa

Valid from:
9/29/2011 5:19:37 PM

Valid to:
12/27/2014 10:17:59 AM

Subject:
CN=Turtle Entertainment GmbH, OU=Desktop Software Development, O=Turtle Entertainment GmbH, L=Cologne, S=NRW, C=DE

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11211D81E9C09273DF1A6E9A05931416F400

File PE Metadata
Compilation timestamp:
12/3/2014 12:21:43 PM

OS version:
6.2

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
11.0

CTPH (ssdeep):
1536:tjcywMKvAWFYkMMBYs+hiO3+LXGTLXAaziBteyntTkUqobKN8BFiSm+8AV1qi:tB1K4y0zAGXwGcsUv77i5dQ

Entry address:
0x79F73

Entry point:
E9, C8, 66, FF, FF, E8, 68, 12, 00, 00, E9, 9A, AB, FF, FF, E9, B9, 37, 00, 00, E9, 75, B9, FF, FF, E9, F3, 23, 00, 00, 0F, 9E, C0, 48, 29, D8, 48, 89, 4C, 24, 08, F6, D4, 38, CD, 48, 89, 54, 24, 10, 48, 8D, 82, F9, 49, 95, 14, 55, F9, 66, 0F, C1, E8, 66, 0F, BA, E3, 01, 48, 89, E5, 66, B8, 1D, 97, F7, D8, 48, 83, EC, 18, D2, DC, FE, C4, F8, 85, D7, 56, 66, 0F, B3, E0, 66, 89, F0, 57, C1, E0, 1D, D2, F4, 66, 0F, AB, D0, FE, C4, 53, 66, D3, E0, 66, 21, F0, 52, D2, F0, 48, 8B, 45, 10, F9, 66, 0F, BA, E2, 0B...
 
[+]

Entropy:
7.3938

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
24.5 KB (25,088 bytes)

Driver
Display name:
ESLWireAC

Type:
Kernel device driver (KernelDriver)


Scan eslwireacd.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.