home

lsi_aspl.sys

Version Full For Seven

White Wave Soft Inc.

It runs as a Windows kernel mode device driver named “FarassooEx”.
Publisher:
Farasoo  (signed by White Wave Soft Inc.)

Product:
Version Full For Seven

Description:
Farasoo.sys

Version:
Keyboard Driver built by: WinDDK

MD5:
3186d1d0e3bf722cde2b3c66f02e82af

SHA-1:
50b56b5cb9b23316d783aea34d085d56b8a2f448

SHA-256:
25fe6c3b64501e9fc29b9977f9c42c64310e23a9c313b93d12f5aefe3d8cf2a1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 7:04:19 AM UTC  (today)

File size:
8.7 KB (8,944 bytes)

Product version:
1.1.1.1

Copyright:
Farasoo <2011>

Original file name:
Farasoo.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\lsi_aspl.sys

Digital Signature
Signed by:
White Wave Soft Inc.

Authority:
White Wave Soft Inc.

Valid from:
9/24/2010 7:36:54 PM

Valid to:
9/24/2018 7:36:53 PM

Subject:
CN=White Wave Soft, O=White Wave Soft Inc., OU=Run In 64X, L=Reza Abdoli, S=CA, C=US

Issuer:
CN=White Wave Soft, O=White Wave Soft Inc., OU=Run In 64X, L=Reza Abdoli, S=CA, C=US

Serial number:
9EAFE6A55BBA8094466C87C027BFFFC5

File PE Metadata
Compilation timestamp:
1/18/2011 12:43:32 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
96:h063cMTHeAjWamK1umKeTGLxw4bOiz3bLS3C1hu3a+Vpf1zpD1:B3xeDLK13K6Gyyz3CD3a6JpD1

Entry address:
0x403E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 66, D7, FF, FF, CC, CC, 78, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 1E, 42, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, C0, 40, 00, 00, E0, 40, 00, 00, F4, 40, 00, 00, 06, 41, 00, 00, 12, 41, 00, 00, 24, 41, 00, 00, 3C, 41, 00, 00, 54, 41, 00, 00, 6A, 41, 00, 00, 82, 41, 00, 00, 96, 41, 00, 00, B0, 41, 00, 00, C6, 41, 00, 00, DE, 41, 00, 00, F0, 41, 00, 00, 00, 42, 00, 00, 0E, 42, 00, 00, 00, 00...
 
[+]

Entropy:
5.1129

Code size:
3.5 KB (3,584 bytes)

Driver
Display name:
FarassooEx

Type:
Kernel device driver (KernelDriver)


Scan lsi_aspl.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.