MotuFWA.sys

Mark of the Unicorn FireWire

Mark of the Unicorn

It runs as a Windows kernel-mode device driver named “MotuFWA”.
Publisher:
Mark of the Unicorn  (signed and verified)

Product:
Mark of the Unicorn FireWire

Description:
MotuFWA.sys

Version:
3.6.7.4

MD5:
18dd632744a49e47149dd68f8f51ce8b

SHA-1:
3b946de3ae5f9391c651661d42a83dc608050a64

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 8:03:55 PM UTC

File size:
228.2 KB (233,720 bytes)

Product version:
3.6.7.4

Copyright:
Copyright (c)2001 - 2006

Original file name:
MotuFWA.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\motufwa.sys

Digital Signature
Authority:
GeoTrust Inc

Valid from:
7/28/2006 9:10:52 AM

Valid to:
7/28/2007 9:10:52 AM

Subject:
CN=Mark of the Unicorn, OU=GeoTrust Code Signing, OU=Software, O=Mark of the Unicorn, L=Cambridge, S=MA, C=US

Issuer:
CN=GeoTrust TrustCenter CodeSigning CA I, O=GeoTrust Inc, OU=GeoTrust TrustCenter CodeSigning CA, C=US

Serial number:
613B00010020CBCC281F2488ABBA

File PE Metadata
Compilation timestamp:
1/4/2007 5:58:55 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
6144:yH+JxJ11nmEuwM0dvfhTWJ6YsHUlSE9JdUo9B+RAKPy+v:yH+713f1hTWJ6kj9JK5R

Entry address:
0xE01C

Entry point:
E9, C3, FF, FF, FF, CC, 8B, C1, 8B, 4C, 24, 04, 89, 48, 04, C7, 00, E8, A2, 03, 00, C2, 04, 00, 56, 68, 30, 07, 00, 00, 8B, F1, E8, BF, 2F, FF, FF, 85, C0, 59, 74, 12, 56, FF, 74, 24, 0C, 8B, C8, FF, 74, 24, 14, E8, 22, 34, 00, 00, EB, 02, 33, C0, 5E, C2, 08, 00, 68, 28, 01, 00, 00, E8, 98, 2F, FF, FF, 85, C0, 59, 74, 07, 8B, C8, E9, 2E, D9, 00, 00, 33, C0, C3, CC, 8B, 41, 40, C3, 8B, 41, 44, C3, 33, C0, 33, D2, C3, CC, 8B, 41, 50, C3, 32, C0, C2, 08, 00, CC, 8A, 41, 74, C3, 8B, C1, 8B, 4C, 24, 04, 89, 48...
 

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
165 KB (168,960 bytes)

Driver
Display name:
MotuFWA

Type:
Kernel device driver (KernelDriver)

