home

hprotect.sys

Networkbench Systems Corp.

Publisher:
Networkbench Systems Corp.  (signed and verified)

MD5:
d309ce0bada02d3a784ac1bc0c5019ed

SHA-1:
ae94744a76a32fac353f90385bca87b5cec9a94a

SHA-256:
c50bf5f25052b96366b276aec4dbd303b0489a4839a4758750c256d15e9a5f03

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/29/2024 7:42:57 AM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
Trojan.Generic
1.0.0.1015

File size:
17.1 KB (17,496 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\hprotect.sys

Digital Signature
Signed by:
Networkbench Systems Corp.

Authority:
VeriSign Class 3 Code Signing 2010 CA

Valid from:
7/2/2014 2:59:23 PM

Valid to:
7/2/2015 3:09:23 PM

Subject:
CN=Networkbench Systems Corp.

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA

Serial number:
138FF59B000000000004

File PE Metadata
Compilation timestamp:
8/7/2014 5:51:07 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
192:BW3/SEZyXoIIFxn6LJq8qkgTV3SDltGxFSyFXGsBhf7leuyMrj6ex5xi2e6s/tFT:BhYIsx2qkgTlSLGDjFXHBhjKMCR/rT

Entry address:
0x603E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, D2, B0, FF, FF, CC, CC, 78, 60, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, EC, 62, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 4C, 61, 00, 00, 62, 61, 00, 00, 6E, 61, 00, 00, 80, 61, 00, 00, 98, 61, 00, 00, A4, 61, 00, 00, BC, 61, 00, 00, D4, 61, 00, 00, EC, 61, 00, 00, FC, 61, 00, 00, 12, 62, 00, 00, 26, 62, 00, 00, 3E, 62, 00, 00, 4E, 62, 00, 00, 6A, 62, 00, 00, 86, 62, 00, 00, 9A, 62, 00, 00, A6, 62...
 
[+]

Entropy:
6.4831

Code size:
10 KB (10,240 bytes)

Scan hprotect.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.