» eslwireacd.sys
Overview
Analysis
File Details
Behaviors (1)

eslwireacd.sys

EslWireACD

Turtle Entertainment GmbH

It runs as a Windows kernel mode device driver named “ESLWireAC”.

File name:

eslwireacd.sys

Publisher:

<Turtle Entertainment> (signed by Turtle Entertainment GmbH)

Product:

EslWireACD

Version:

1.0.0.4716

MD5:

176fb7ed196dc57f9d622e000d9ec1cd

SHA-1:

e56394cb0d0dab40758eee8a7dce4811df54a8ad

SHA-256:

87c1aeafc8dc694c1db1132def3eca0018e7aca82b1d4be58856e32da15b22e6

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/23/2024 3:23:08 AM UTC (today)

File size:

816.9 KB (836,496 bytes)

Product version:

1.0

Original file name:

EslWireACD

File type:

Driver (Win32 SYS)

Language:

Language Neutral

Common path:

C:\Windows\System32\drivers\eslwireacd.sys

Digital Signature

Signed by:

Turtle Entertainment GmbH

Authority:

GlobalSign nv-sa

Valid from:

9/29/2011 6:19:37 PM

Valid to:

12/27/2014 11:17:59 AM

Subject:

CN=Turtle Entertainment GmbH, OU=Desktop Software Development, O=Turtle Entertainment GmbH, L=Cologne, S=NRW, C=DE

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11211D81E9C09273DF1A6E9A05931416F400

File PE Metadata

Compilation timestamp:

10/26/2011 1:15:06 PM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

24576:qfrrL5roCcJLLTdPxV6vghikPA0x9XJp/8zvo:A8CCLdPxV6Uikd9Z18zQ

Entry address:

0x409BE

Entry point:

8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 5C, FE, FB, FF, CC, CC, 20, 0A, 04, 00, 00, 00, 00, 00, 00, 00, 00, 00, 16, 0F, 04, 00, 94, 04, 00, 00, 0C, 0A, 04, 00, 00, 00, 00, 00, 00, 00, 00, 00, 6C, 0F, 04, 00, 80, 04, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 4A, 0F, 04, 00, 32, 0F, 04, 00, 24, 0F, 04, 00, 5E, 0F, 04, 00, 00, 00, 00, 00, 56, 0B, 04, 00, 68, 0B, 04, 00, 84, 0B, 04, 00, 9C, 0B, 04, 00, B2, 0B, 04, 00, CC, 0B, 04, 00, E0, 0B, 04, 00, EE, 0B... 
[+]

Code size:

804.1 KB (823,424 bytes)

Driver

Display name:

ESLWireAC

Type:

Kernel device driver (KernelDriver)

Scan eslwireacd.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.