home

fairplaykd.sys

MTA San Andreas

Hans Roes

It runs as a Windows kernel mode device driver named “FairplayKD”.
Publisher:
Multi Theft Auto  (signed by Hans Roes)

Product:
MTA San Andreas

Description:
Multi Theft Auto patch driver

Version:
360.1876.51.32

MD5:
78a2074a44f4758c430ad6bfed0aa90f

SHA-1:
85f546de5fe35ad0f88e81625cbad2c4baee6184

SHA-256:
62869bdd7970db6465b8dbfa148d8526d582158711e1cd4613ae61b0128de1b3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 9:45:39 AM UTC  (today)

File size:
59.1 KB (60,560 bytes)

Product version:
360.1876.51.32

Copyright:
(C) 2003 - 2014 Multi Theft Auto

File type:
Driver (Win32 SYS)

Common path:
C:\Documents and Settings\{user}\Application data\mta san andreas all\common\temp\fairplaykd.sys

Digital Signature
Signed by:
Hans Roes

Authority:
COMODO CA Limited

Valid from:
2/21/2014 1:00:00 AM

Valid to:
2/22/2016 12:59:59 AM

Subject:
CN=Hans Roes, O=Hans Roes, STREET=Klein Beeldekensplein 6, L=Kasterlee, S=Antwerp, PostalCode=2460, C=BE

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
16E8D8BA0C1D57B337A17A4C39EB183E

File PE Metadata
Compilation timestamp:
3/18/2014 7:39:46 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
768:2tdIE6Aq3YMGNJ39tZrXl9JTgWvVsuLy6w8Xu04oa:FEiab39l9tgSsuLyuXu0fa

Entry address:
0xC03E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 80, AC, FF, FF, CC, CC, 78, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 3E, C4, 00, 00, 80, 8A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 28, C1, 00, 00, 32, C1, 00, 00, 52, C1, 00, 00, 6A, C1, 00, 00, 88, C1, 00, 00, A0, C1, 00, 00, B0, C1, 00, 00, BA, C1, 00, 00, DC, C1, 00, 00, F4, C1, 00, 00, FE, C1, 00, 00, 0A, C2, 00, 00, 20, C2, 00, 00, 40, C2, 00, 00, 5C, C2, 00, 00, 6C, C2, 00, 00, 88, C2, 00, 00, 92, C2...
 
[+]

Code size:
35.4 KB (36,224 bytes)

Driver
Display name:
FairplayKD

Type:
Kernel device driver (KernelDriver)


Scan fairplaykd.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.