» instdrv.dll
Overview
Analysis
File Details

instdrv.dll

Agile Risk Management LLC

File name:

instdrv.dll

Publisher:

Agile Risk Management LLC (signed and verified)

MD5:

e1e82d832b25d19fe6026951aef7863b

SHA-1:

966534f5a783ca792f0ae25778b59d2a4eeab116

SHA-256:

591372ad495640ffb208e5450bd553cfa5e5ab22c17b817ca1f26a8dbb78ce3d

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

5/8/2024 8:37:02 PM UTC (today)

Scan engine

Detection

Engine version

Clam AntiVirus

PUA.Packed.PECompact-1

0.98/18155

IKARUS anti.virus

Trojan-Spy.Win32.Banbra

t3scan.1.1.113.0

File size:

39.6 KB (40,528 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\f-response\dlls\x86\instdrv.dll

Digital Signature

Signed by:

Agile Risk Management LLC

Authority:

GlobalSign nv-sa

Valid from:

3/18/2009 12:48:00 PM

Valid to:

3/18/2010 12:48:00 PM

Subject:

E=support@f-response.com, CN=Agile Risk Management LLC, O=Agile Risk Management LLC, C=US

Issuer:

CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:

010000000001201AB103BF

File PE Metadata

Compilation timestamp:

11/13/2009 8:59:45 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

768:La0GXQLhwIjuptFwS14eheSD60Jni53ulIzSUDd:m0bhwsS1jwSXJOQIR

Entry address:

0x2AD3

Entry point:

B8, 8C, 5F, 01, 10, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 17, EA, B2, 3B, 02, 06, 23, 2D, 99, 15, 03, 88, DA, D1, 82, F2, 67, DD, B3, C6, 41, 70, 4E, C0, 07, 07, D1, 09, BE, F3, 4E, 63, 7B, 95, B8, D5, CC, E8, 70, 35, 61, 20, 17, 43, C8, A5, 78, 03, 4D, C2, 89, DA, 73, 94, 6F, 6F, 18, C2, 26, 19, 85, 1E, 2A, CA, CB, F7, CD, 2C, 74, 67, 9C, BF, FD, 25, 62, 96, 9F, 32, 35, 50, 7C, 1B, 27, DD, D7, 57, FC, 33, AE, 5F, BD, 0A, EB... 
[+]

Entropy:

7.8084

Packer / compiler:

PECompact v2

Code size:

44 KB (45,056 bytes)

Scan instdrv.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.