» firadisk.sys
Overview
Analysis
File Details
Behaviors (1)

firadisk.sys

FiraDisk

Karyonix

It runs as a Windows 64-bit kernel mode device driver named “FiraDisk Driver”.

File name:

firadisk.sys

Publisher:

Karyonix (signed and verified)

Product:

FiraDisk

Description:

FiraDisk Virtual Disk Driver

Version:

0.0.1.30

MD5:

e9e4c871304ad5a33539d73a97d29e8b

SHA-1:

f250ed1bd29fa639196599cd6ed41768db9dcd6f

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 5:58:15 PM UTC (today)

File size:

27 KB (27,632 bytes)

Product version:

0.0.1.30

Original file name:

firadisk.sys

File type:

Driver (Win64 SYS)

Language:

English (United States)

Common path:

C:\Windows\System32\drivers\firadisk.sys

Digital Signature

Signed by:

Karyonix

Authority:

Karyonix Test-Signing CA

Valid from:

9/12/2009 3:22:47 AM

Valid to:

1/1/2040 1:59:59 AM

Subject:

CN=Karyonix

Issuer:

CN=Karyonix Test-Signing CA

Serial number:

A394B42575C1398C4887CD526E15B09E

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

768:BM/hHsY7QiypesSlkYGRE2zD1VMyz15A:BqhRyh4kYGRE2zDgyz15

Entry point:

8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 9E, FE, FF, FF, 30, 58, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 92, 5F, 00, 00, 0C, 4D, 00, 00, 24, 58, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, CC, 5F, 00, 00, 00, 4D, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, A0, 5F, 00, 00, B6, 5F, 00, 00, 00, 00, 00, 00, 9C, 59, 00, 00, B4, 59, 00, 00, C4, 59, 00, 00, E4, 59, 00, 00, F6, 59, 00, 00, 0A, 5A, 00, 00, 14, 5A, 00, 00, 2E, 5A, 00, 00, 40, 5A, 00, 00, 4E, 5A, 00, 00... 
[+]

Entropy:

6.3263

Driver

Display name:

FiraDisk Driver

Service name:

firadisk

Type:

Kernel device driver (KernelDriver)

Group:

Boot Bus Extender

Scan firadisk.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.