» eslwireacd.sys
Overview
Analysis
File Details
Behaviors (1)

eslwireacd.sys

EslWireACD

Turtle Entertainment GmbH

It runs as a Windows 64-bit kernel mode device driver named “ESLWireAC”.

File name:

eslwireacd.sys

Publisher:

<Turtle Entertainment> (signed by Turtle Entertainment GmbH)

Product:

EslWireACD

Version:

1.0.0.6026

MD5:

3ee71dc48f0a84ef3259ccbc1d062c96

SHA-1:

f72f4b3ba09d4a678520e131be4e75d32474b4fd

SHA-256:

a553dee5de24444b0959bf7cc1ba79b79ace0a7c6c0bbee1445b936bde76525a

Scanner detections:

7 / 68

Status:

Clean (7 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

5/1/2024 1:22:14 AM UTC (today)

Scan engine

Detection

Engine version

AVG

Win32/Patched

2016.0.3020

Bkav FE

W64.HfsAutoA

1.3.0.6979

Fortinet FortiGate

W32/Obfuscated.C!tr

8/11/2015

IKARUS anti.virus

Win32.Patched

t3scan.1.8.6.0

McAfee

Artemis!A1E2BCC1B7A9

5600.6676

Trend Micro House Call

Suspicious_GEN.F47V0204

7.2.223

VIPRE Antivirus

Trojan.Win32.Generic

37732

File size:

90.3 KB (92,448 bytes)

Product version:

1.0

Original file name:

EslWireACD

File type:

Driver (Win64 SYS)

Common path:

C:\Windows\System32\drivers\eslwireacd.sys

Digital Signature

Signed by:

Turtle Entertainment GmbH

Authority:

GlobalSign nv-sa

Valid from:

1/8/2015 4:02:22 PM

Valid to:

4/8/2016 5:02:22 PM

Subject:

CN=Turtle Entertainment GmbH, O=Turtle Entertainment GmbH, L=Cologne, S=NRW, C=DE

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121CA414E26A79FC3D34553A430BC8FEFAD

File PE Metadata

Compilation timestamp:

7/28/2015 1:47:06 PM

OS version:

6.2

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

11.0

CTPH (ssdeep):

1536:d8ZD5uHHkC779tbg1y0EnqulyPM4gACUK9uxXt3IiHHBpji3z:d8ZDEz79hg1yxndlqgAC39wdYwjY

Entry address:

0x5B549

Entry point:

0F, 82, 18, FC, FF, FF, 68, 3A, FF, C6, C8, E9, 07, B1, FF, FF, E9, 43, 6E, 00, 00, 80, FC, 05, E9, 8B, 0A, 00, 00, E9, 74, A4, 00, 00, 0F, 87, 27, C9, FF, FF, F8, 69, D2, 0A, 00, 00, 00, 66, 81, FE, 3B, 58, E9, CF, EE, FF, FF, E8, 34, 65, 00, 00, E9, E1, 2B, 00, 00, 10, C0, E9, C5, A1, FF, FF, 88, E4, 48, 8D, 05, 24, 1C, 00, 00, E9, 60, CA, FF, FF, E9, 30, 04, 00, 00, 0F, 84, 54, 66, 00, 00, 0F, CE, 66, 0F, CF, 66, 0F, B6, F1, 0F, B6, F0, 48, 8B, 7D, 10, 48, 8D, 34, 45, E0, A5, A2, DC, 0F, CE, 48, 8D, 35... 
[+]

Code size:

18 KB (18,432 bytes)

Driver

Display name:

ESLWireAC

Type:

Kernel device driver (KernelDriver)

Scan eslwireacd.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.