home

lsi_aspl.sys

Version Full For Seven

White Wave Soft Inc.

It runs as a Windows 64-bit kernel mode device driver named “FarassooEx”.
Publisher:
Farasoo  (signed by White Wave Soft Inc.)

Product:
Version Full For Seven

Description:
Farasoo.sys

Version:
Keyboard Driver built by: WinDDK

MD5:
7c00ca83d7d096ab43c5eb235e595721

SHA-1:
745ad2d2ac487f8f5cac66026efedebbd70ebc44

SHA-256:
e4241adae567fbc1f7aa14d719f55f412d0a3c038711afbb33c3519b3ad5ed51

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 10:52:49 PM UTC  (today)

File size:
9.2 KB (9,456 bytes)

Product version:
1.1.1.1

Copyright:
Farasoo <2011>

Original file name:
Farasoo.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\windows\syswow64\lsi_aspl.sys

Digital Signature
Signed by:
White Wave Soft Inc.

Authority:
White Wave Soft Inc.

Valid from:
9/24/2010 7:36:54 PM

Valid to:
9/24/2018 7:36:53 PM

Subject:
CN=White Wave Soft, O=White Wave Soft Inc., OU=Run In 64X, L=Reza Abdoli, S=CA, C=US

Issuer:
CN=White Wave Soft, O=White Wave Soft Inc., OU=Run In 64X, L=Reza Abdoli, S=CA, C=US

Serial number:
9EAFE6A55BBA8094466C87C027BFFFC5

File PE Metadata
Compilation timestamp:
1/18/2011 12:44:19 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
96:dkCp1xCL/8CHAL/RB8n3x16qHg5DyXzOgPW/RJT9L0VG1huS+Vpf1zpjR:2mCL/8CH8RB8nh16qaeif/H+JS6JpjR

Entry address:
0x5064

Entry point:
48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, BE, C8, FF, FF, CC, CC, B0, 50, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 88, 52, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 38, 51, 00, 00, 00, 00, 00, 00, 50, 51, 00, 00, 00, 00, 00, 00, 64, 51, 00, 00, 00, 00, 00, 00, 70, 51, 00, 00, 00, 00, 00, 00, 88, 51, 00, 00, 00, 00, 00, 00, 9A, 51, 00, 00, 00, 00, 00, 00, B0, 51, 00, 00...
 
[+]

Entropy:
5.3544

Code size:
4 KB (4,096 bytes)

Driver
Display name:
FarassooEx

Type:
Kernel device driver (KernelDriver)


Scan lsi_aspl.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.