jxeaib7g.sys

Suzhen Zhou

Publisher:
Suzhen Zhou  (signed and verified)

MD5:
684250e6cabd7ca15467fca64129b79e

SHA-1:
0d5e15823f6363166e15bbf7043f45d014195c47

SHA-256:
5bae695f5705d13ace219daad6dda7f1fb49ace0c9700c5348e09bc7c61b236a

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware free.

Analysis date:
4/18/2024 2:20:33 AM UTC  (today)

Scan engine | Detection | Engine version
Bkav FE | W64.HfsAutoA | 1.3.0.8455
Qihoo 360 Security | Trojan.Generic | 1.0.0.1120

File size:
394.6 KB (404,032 bytes)

File type:
Driver (Win64 SYS)

Common path:
C:\windows\jxeaib7g.sys

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
10/18/2012 8:00:00 AM

Valid to:
10/19/2015 7:59:59 AM

Subject:
CN=Suzhen Zhou, OU=Individual Developer, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=No Organization Affiliation, L=Wuhan, S=Hubei, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
13A691B148E6D8D0891F888E6605E0DD

File PE Metadata
Compilation timestamp:
11/20/2016 1:56:09 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
12288:L+QzCzMB5BpHUf5dgwyI6BM3o1VANujTma:iJMB5BpHlC6BM3o1V3jKa

Entry address:
0xD4EFB

Entry point:
E9, 04, F8, FF, FF, B9, 2E, D0, 19, 83, C3, 2D, CA, 4C, AB, DB, C0, 76, 00, 1F, E7, CE, 8B, 73, EE, 80, E0, 1F, 87, 88, F1, BF, 56, DE, 02, 8B, 1E, 60, D9, 17, AE, 06, 63, 89, D9, 91, AD, 82, 93, CD, CC, C6, AE, B0, 00, 1F, 97, DE, 8B, 5D, B4, 62, 53, 43, 95, 20, B6, 52, B6, 90, 85, 8A, 1C, 12, 34, 88, A9, D3, 7A, F9, 3A, 59, 3D, F2, 23, CA, 98, 34, 27, F0, 2F, 61, 8F, CD, D2, 05, DA, 1F, 0D, E4, 43, 19, 99, 6F, AA, BC, 4B, 75, 1B, DD, 98, 3A, 0C, 39, EA, 65, 82, CA, 50, B4, 35, 41, 32, 41, 19, FF, C7, A8...
 

Entropy:
7.8974

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
81.5 KB (83,456 bytes)
