» filnk.sys
Overview
Analysis
File Details

filnk.sys

Filseclab Dynamic Defense System

Filseclab Corporation

File name:

filnk.sys

Publisher:

Filseclab Corporation (signed and verified)

Product:

Filseclab Dynamic Defense System

Description:

Filseclab Dynamic Defense System Drv

Version:

2, 0, 0, 9314

MD5:

54e0ac95a01c8ddcfeb10ebf3807c455

SHA-1:

f9a9c6bbcfaad9d1e8a5018eedd79230707ee117

SHA-256:

13dd5f03108f38ec0a5a753c610bad149c50cb71e3c3c8dfc4be5cded478a85c

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 6:43:12 PM UTC (today)

File size:

854.3 KB (874,832 bytes)

Product version:

2, 0, 0, 9314

Original file name:

filnk.sys

File type:

Driver (Win64 SYS)

Language:

English (United States)

Common path:

C:\Program Files\filseclab\twister\x64\filnk.sys

Digital Signature

Signed by:

Filseclab Corporation

Authority:

VeriSign, Inc.

Valid from:

1/29/2012 7:00:00 PM

Valid to:

1/29/2013 6:59:59 PM

Subject:

CN=Filseclab Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Filseclab Corporation, L=Beijing, S=Beijing, C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

297FB83700ADA958AFEFF56DD3C66660

File PE Metadata

Compilation timestamp:

11/22/2012 11:49:45 PM

OS version:

6.1

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

24576:chxyZ5lxeM8mkk0a8TsUQdma3q+/rY+6Oi:fZ5lYM8dk0lTOdz57y

Entry address:

0xEA064

Entry point:

48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 5E, 4B, FC, FF, CC, CC, B0, A0, 0E, 00, 00, 00, 00, 00, 00, 00, 00, 00, 36, B0, 0E, 00, 00, B0, 0B, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 30, A5, 0E, 00, 00, 00, 00, 00, 3A, A5, 0E, 00, 00, 00, 00, 00, 50, A5, 0E, 00, 00, 00, 00, 00, 5C, A5, 0E, 00, 00, 00, 00, 00, 68, A5, 0E, 00, 00, 00, 00, 00, 7C, A5, 0E, 00, 00, 00, 00, 00, 86, A5, 0E, 00... 
[+]

Entropy:

5.8514

Code size:

746 KB (763,904 bytes)

Scan filnk.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.