home

fairplaykd.sys

MTA San Andreas

Hans Roes

It runs as a Windows 64-bit kernel mode device driver named “FairplayKD”.
Publisher:
Multi Theft Auto  (signed by Hans Roes)

Product:
MTA San Andreas

Description:
Multi Theft Auto patch driver

Version:
353.1510.61.64

MD5:
4f1e9fb071ec1c0467bb4be346b51edb

SHA-1:
d9d53a4012f670da7924c5796a0ed950923956fd

SHA-256:
302ca27c77c2c3745e1e7cf554573b21fe2e6662f15d3ef675c821665615fbeb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 5:33:26 PM UTC  (today)

File size:
34.3 KB (35,120 bytes)

Product version:
353.1510.61.64

Copyright:
(C) 2003 - 2013 Multi Theft Auto

File type:
Driver (Win64 SYS)

Common path:
C:\ProgramData\mta san andreas all\common\temp\fairplaykd.sys

Digital Signature
Signed by:
Hans Roes

Authority:
GlobalSign nv-sa

Valid from:
12/20/2012 7:43:56 PM

Valid to:
12/21/2013 7:43:56 PM

Subject:
CN=Hans Roes, C=BE

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11214B4F745A507F2042B96BC92A22872D59

File PE Metadata
Compilation timestamp:
6/25/2013 4:11:17 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
768:7srPJYXna6SgJuDQLvsT71V4CbowUABVTXLs:s6zKn/1bzTBNs

Entry address:
0xD064

Entry point:
48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, FE, 84, FF, FF, CC, CC, B0, D0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E0, D3, 00, 00, 00, 70, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, A8, D1, 00, 00, 00, 00, 00, 00, C8, D1, 00, 00, 00, 00, 00, 00, EA, D1, 00, 00, 00, 00, 00, 00, FA, D1, 00, 00, 00, 00, 00, 00, 10, D2, 00, 00, 00, 00, 00, 00, 28, D2, 00, 00, 00, 00, 00, 00, 40, D2, 00, 00...
 
[+]

Entropy:
6.2808

Code size:
23 KB (23,552 bytes)

Driver
Display name:
FairplayKD

Type:
Kernel device driver (KernelDriver)


Scan fairplaykd.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.