eslwireacd.sys

EslWireACD

Turtle Entertainment GmbH

It runs as a Windows 64-bit kernel mode device driver named “ESLWireAC”.
Publisher:
<Turtle Entertainment>  (signed by Turtle Entertainment GmbH)

Product:
EslWireACD

Version:
1.0.0.4503

MD5:
a9c7dc1400d32f69a5510205e7938e4c

SHA-1:
eca4d57826ce29f577f100315c66aa5a0e518c6c

SHA-256:
b1d406e9d1a903e61471d0e55c103b242dfc2d743655f7c28785edd4ffa2d482

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
4/24/2024 10:23:22 AM UTC

Scan engine | Detection | Engine version
AVG | Win32/NSAnti | 2015.0.3476
McAfee | Generic Obfuscated.c | 5600.7132

File size:
157.4 KB (161,184 bytes)

Product version:
1.0

Copyright:
Copyright © 2010

Original file name:
EslWireACD

File type:
Driver (Win64 SYS)

Language:
Language Neutral

Common path:
C:\Windows\System32\drivers\eslwireacd.sys

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
11/26/2009 11:18:03 AM

Valid to:
11/27/2011 11:18:00 AM

Subject:
CN=Turtle Entertainment GmbH, OU=Desktop Software Development, O=Turtle Entertainment GmbH, L=Cologne, S=NRW, C=DE

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012530204B6F

File PE Metadata
Compilation timestamp:
8/3/2011 1:31:51 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
3072:FqBib/2TnZBMdZSWxV7VcrKZv1PbrW/DT1Jb2nVy3egY7O17xW3ux9vjCb:esOlGdZL7VCKlVb6D2VyOgYCdxW3uxlo

Entry address:
0xA96A9

Entry point:
E9, A2, 51, FE, FF, 0F, 82, 2F, 4D, FE, FF, F8, 80, 7F, FF, 00, E9, B6, E9, FF, FF, 00, 00, 4B, 65, 4C, 65, 61, 76, 65, 43, 72, 69, 74, 69, 63, 61, 6C, 52, 65, 67, 69, 6F, 6E, 00, 81, F9, F2, D9, EA, 79, F2, AE, E9, 93, F7, FF, FF, 48, 39, D0, E9, 67, 03, FE, FF, 00, 00, 44, 62, 67, 50, 72, 69, 6E, 74, 00, 66, 85, DF, 39, 4D, 28, E9, 22, DF, FF, FF, E9, 51, 01, 00, 00, 0F, 83, 2C, DF, FF, FF, F5, 0F, BA, E5, 06, 48, 0F, A3, D7, E9, 73, F7, FF, FF, E9, 0B, 51, FE, FF, E9, 14, 02, 00, 00, 0F, 85, F7, 08, FE...
 

Packer / compiler:
Xtreme-Protector v1.05

Code size:
691 KB (707,584 bytes)

Driver
Display name:
ESLWireAC

Type:
Kernel device driver (KernelDriver)


Scan eslwireacd.sys - Powered by Reason Core Security