LAYERVW.SYS

Windows Win 7 DDK driver

Conseal Security Ltd

It runs as a Windows 64-bit kernel-mode device driver named “LayerView - packet analyzer”.

Publisher:
Windows (R) Win 7 DDK provider (signed by Conseal Security Ltd)

Product:
Windows (R) Win 7 DDK driver

Description:
LayerView Filter Driver

Version:
6.1.7600.16385 built by: WinDDK

MD5:
28ad4eded599082003628e64ad76bd6a

SHA-1:
d01530db42d248401e3e263ba067e871969ae6ef

SHA-256:
1c75bdcc4221d872bf465fb6309580984bdf3f25cbf4955760e2a7d41a1791f6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/5/2024 1:28:53 AM UTC

File size:
28.4 KB (29,064 bytes)

Product version:
6.1.7600.16385

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
LAYERVW.SYS

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\layervw.sys

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
3/8/2011 1:08:17 PM

Valid to:
3/8/2012 1:08:12 PM

Subject:
E=info@consealsecurity.com, CN=Conseal Security Ltd, O=Conseal Security Ltd, C=GB

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012E958C74A5

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
384:zb4URGWnqejsoVooGH4XR+kgTqsXgaxFxXPXzLlVOdAbKg7iYJLdmxoZfdUb+5:zbZH09HG+kgTLdxFVipgHLUi5

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, C0, FD, FF, FF, 73, 75, 63, 63, 65, 73, 73, 20, 63, 72, 65, 61, 74, 69, 6E, 67, 20, 64, 65, 76, 69, 63, 65, 20, 61, 6E, 64, 20, 73, 79, 6D, 6C, 69, 6E, 6B, 0A, 00, CC, 5C, 00, 44, 00, 6F, 00, 73, 00, 44, 00, 65, 00, 76, 00, 69, 00, 63, 00, 65, 00, 73, 00, 5C, 00, 4C, 00, 61, 00, 79, 00, 65, 00, 72, 00, 56, 00, 77, 00, 00, 00, 5C, 00, 44, 00, 65, 00, 76, 00, 69, 00, 63, 00, 65, 00, 5C, 00, 4C, 00, 61, 00, 79, 00, 65, 00, 72, 00, 56, 00, 77, 00, 00, 00, 4C, 00...
 

Entropy:
6.6912

Driver
Display name:
LayerView - packet analyzer

Service name:
LayerVw

Type:
Kernel device driver (KernelDriver)

Group:
NDIS

