eslwireacd.sys

EslWireACD

Turtle Entertainment GmbH

It runs as a Windows 64-bit kernel mode device driver named “ESLWireAC”.

Publisher:
Turtle Entertainment  (signed by Turtle Entertainment GmbH)

Product:
EslWireACD

Version:
1.0.0.5465

MD5:
819db0411feecd181901caff03460af5

SHA-1:
dea5995b34c0149aa0c2124973fe9354d3382935

SHA-256:
8cf57dab99897f92353192e7c0d452f4a6ab69f39ae123bc17614e2065013063

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/26/2024 6:33:30 PM UTC

Scan engine | Detection | Engine version
Trend Micro House Call | PAK_Generic.005 | 7.2.236
Trend Micro | PAK_Generic.005 | 10.465.24

File size:
107.6 KB (110,216 bytes)

Product version:
1.0

Copyright:
Copyright © 2010

Original file name:
EslWireACD

File type:
Driver (Win64 SYS)

Language:
Language Neutral

Common path:
C:\Windows\System32\drivers\eslwireacd.sys

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
9/29/2011 5:19:37 PM

Valid to:
12/27/2014 11:17:59 AM

Subject:
CN=Turtle Entertainment GmbH, OU=Desktop Software Development, O=Turtle Entertainment GmbH, L=Cologne, S=NRW, C=DE

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11211D81E9C09273DF1A6E9A05931416F400

File PE Metadata
Compilation timestamp:
8/25/2014 11:07:42 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
1536:fbx9wEkhEF2XZeenYj3ENqkWAY+escqajKADyrtnWdP6PWogWLt7DDAcLZQPYp7U:tPxgpZnFNqlAU5qDAacPKdtDzVQgppa

Entry address:
0x861CC

Entry point:
E9, 06, 8B, FF, FF, E8, 64, 5D, FF, FF, E9, E1, CA, FE, FF, 48, 81, CA, 89, DD, 24, 6B, F8, 57, FF, C1, 66, F7, DA, 66, 87, D1, 66, 0F, AD, DA, 56, 66, D3, CE, F5, 48, 8B, 55, 10, 66, 0F, B3, C9, 66, D3, D6, 48, 0F, A3, D2, 48, 8B, 75, 18, 0F, 9C, C5, 66, D3, C1, 8B, 4D, 28, E9, C8, 0A, 00, 00, 0F, 85, 4F, BF, FE, FF, 48, 8D, B6, 5E, A0, A0, A9, 48, 8D, B6, D3, B7, D6, B5, 66, 0F, BE, F0, 48, 8B, 35, 93, DF, FE, FF, E9, B8, 7C, FF, FF, 48, 8D, 35, 5F, FA, FE, FF, E9, 06, 73, FF, FF, E9, 19, 86, FF, FF, 66...
 

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
33.5 KB (34,304 bytes)

Driver
Display name:
ESLWireAC

Type:
Kernel device driver (KernelDriver)

