genfilt.sys

Wanyun System Driver

Team Softex, Inc.

It runs as a Windows kernel-mode device driver named “GenFilt”.

Publisher:
Beijing Haiguang Chaoyue S&T Corp  (signed by Team Softex, Inc.)

Product:
Wanyun System Driver

Version:
1.00 built by: WinDDK

MD5:
8c21818e7b003c0868eb6824f65d927a

SHA-1:
b422baea05dcd883429b6679214394f79aa23919

SHA-256:
d0586af35d85c6cf68eb9a6c8659eddc66b530fdacddb3387883130e65394b60

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 7:10:59 AM UTC

File size:
39.3 KB (40,192 bytes)

Product version:
1.00

Copyright:
Copyright (c) Beijing Haiguang Chaoyue. All rights reserved.

Original file name:
GenFilter.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\genfilt.sys

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/9/2011 8:00:00 AM

Valid to:
5/9/2014 7:59:59 AM

Subject:
CN="Team Softex, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Team Softex, Inc.", L=Taipei, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
02479B245E8CB0EFDE2EC51C216D5C28

File PE Metadata
Compilation timestamp:
8/12/2013 10:18:10 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

Entry address:
0x903E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, CE, D5, FF, FF, CC, CC, 98, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 62, 96, 00, 00, 0C, 70, 00, 00, 8C, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 96, 96, 00, 00, 00, 70, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 70, 96, 00, 00, 7E, 96, 00, 00, 00, 00, 00, 00, CA, 91, 00, 00, DC, 91, 00, 00, E8, 91, 00, 00, 00, 92, 00, 00, 0A, 92, 00, 00, 14, 92, 00, 00, 26, 92, 00, 00, 36, 92, 00, 00, 44, 92, 00, 00, 5C, 92...

Entropy:
6.6408

Code size:
26 KB (26,624 bytes)

Driver
Display name:
GenFilt

Type:
Kernel device driver (KernelDriver)

