home

fdrawcmd.sys

Simon Owen

It runs as a Windows kernel mode device driver named “Low-level Floppy Driver”.
Publisher:
simonowen.com  (signed by Simon Owen)

Description:
Low-level floppy filter

Version:
1.0.1.11

MD5:
273ba621890388a4cca9e624c435636d

SHA-1:
3a3ba06d6168b34cbd4a392f6fa701d752109a3b

SHA-256:
6aad8209f6a428acaa56340ea648473d0c6750cc158a218a5c8838ebe4c591f5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 12:42:21 PM UTC  (today)

File size:
27.2 KB (27,896 bytes)

Copyright:
Copyright © 2004-2010 Simon Owen

Original file name:
fdrawcmd.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\fdrawcmd.sys

Digital Signature
Signed by:
Simon Owen

Authority:
GlobalSign nv-sa

Subject:
E=simon@simonowen.com, CN=Simon Owen, C=GB

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
010000000001187B181D3F

File PE Metadata
Compilation timestamp:
4/24/2010 9:19:15 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
384:T1/SaI7UlqkhO02rABJIbrQyJwhrUzZUTw/vK/hJUyvQeC6s8j+PZfdUb+xluHe:Tpjqwk02MkQyJc4NUTPUyvlCC+4ixlu

Entry address:
0x4205

Entry point:
8B, FF, 55, 8B, EC, A1, 98, 41, 01, 00, 85, C0, B9, 4E, E6, 40, BB, 74, 04, 3B, C1, 75, 1A, A1, 2C, 40, 01, 00, 8B, 00, 35, 98, 41, 01, 00, A3, 98, 41, 01, 00, 75, 07, 8B, C1, A3, 98, 41, 01, 00, F7, D0, A3, 9C, 41, 01, 00, 5D, E9, 4D, F6, FF, FF, CC, 9C, 42, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 47, 00, 00, 9C, 3F, 00, 00, 80, 42, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 96, 47, 00, 00, 80, 3F, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 68, 47, 00, 00, 54...
 
[+]

Entropy:
6.7452

Code size:
16.3 KB (16,640 bytes)

Driver
Display name:
Low-level Floppy Driver

Service name:
fdrawcmd

Type:
Kernel device driver (KernelDriver)


Scan fdrawcmd.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.