home

ethpdrv.sys

GPRS Explorer

Gemfor s.r.o.

It runs as a Windows 64-bit kernel mode device driver named “Ethernet Packet Driver”.
Publisher:
Gemfor s.r.o.  (signed and verified)

Product:
GPRS Explorer

Description:
Ethernet Packet Driver

Version:
2005-09-08

MD5:
66742188777cca93b0402792dc1f1058

SHA-1:
5e7d0aa31c5167b941fa9c26ac8d684ce8fd5001

SHA-256:
4fec6917b0ff730651d0b33debb24495292aafd86ef27e4dca37364bba4772e5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 1:55:58 AM UTC  (today)

File size:
16 KB (16,376 bytes)

Product version:
2005-09-08

Original file name:
ethpdrv.sys

File type:
Driver (Win64 SYS)

Common path:
C:\Windows\System32\drivers\ethpdrv.sys

Digital Signature
Signed by:
Gemfor s.r.o.

Authority:
VeriSign, Inc.

Valid from:
2/26/2007 1:00:00 AM

Valid to:
4/18/2009 1:59:59 AM

Subject:
CN=Gemfor s.r.o., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Gemfor s.r.o., L=Roztoky, S=n/a, C=CZ

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
08C6FC24EC89EB1DB398002C32A9E89B

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
192:7uJwSzJIIYgDJSyxY/AWZLMPnDM6Ky2zKyowJL/aMjGwP78MpBfh+ebMqpIZgjlN:7uJwdOFxi/ZL0DXS2YJLWqBbPG6jr

Entry point:
8B, FF, 55, 8B, EC, A1, 04, 40, 01, 00, 85, C0, B9, 40, BB, 00, 00, 74, 04, 3B, C1, 75, 23, 8B, 15, 58, 30, 01, 00, B8, 04, 40, 01, 00, C1, E8, 08, 33, 02, 25, FF, FF, 00, 00, A3, 04, 40, 01, 00, 75, 07, 8B, C1, A3, 04, 40, 01, 00, F7, D0, A3, 00, 40, 01, 00, 5D, E9, 4A, C8, FF, FF, F4, 50, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 0A, 53, 00, 00, 58, 30, 00, 00, 9C, 50, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 54, 53, 00, 00, 00, 30, 00, 00, AC, 50, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, BE, 54, 00, 00, 10...
 
[+]

Driver
Display name:
Ethernet Packet Driver

Service name:
Ethpdrv

Type:
Kernel device driver (KernelDriver)

Group:
PNP_TDI


Scan ethpdrv.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.