mouse.sys

Interception

Francisco Lopes da Silva

It runs as a Windows kernel-mode device driver named “Mouse Upper Filter Driver”.

Publisher:
Oblita (signed by Francisco Lopes da Silva)

Product:
Interception

Description:
Mouse Upper Filter Driver

Version:
1.00 built by: WinDDK

MD5:
b415aa8139b67abfc88bd6d013650580

SHA-1:
b9762b339897f9a10ab4252259a920b12b4bcdf8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/18/2017 4:34:36 AM UTC

File size:
13.7 KB (14,056 bytes)

Product version:
1.00

Copyright:
Copyright (C) 2008-2012 Francisco Lopes da Silva

Original file name:
mouse.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\mouse.sys

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
10/21/2011 9:44:05 PM

Valid to:
10/21/2012 9:44:05 PM

Subject:
CN=Francisco Lopes da Silva, C=BR

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121B0438D527C7F1F730ABA6FDE22678560

File PE Metadata
Compilation timestamp:
2/16/2012 5:40:26 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
192:+9c8PlCHpAaIcRYQHpUSbjlZv1V3PKhOYTgBxe1HCjuesl01Xsxxmhgj:+q8NCDhY+pUSnlZvnPKY1KxYYYKj

Entry address:
0x17EB

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 8B, FE, FF, FF, CC, 44, 18, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 1B, 00, 00, 0C, 0F, 00, 00, 38, 18, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 36, 1B, 00, 00, 00, 0F, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 0E, 1B, 00, 00, 22, 1B, 00, 00, 00, 00, 00, 00, F4, 18, 00, 00, 14, 19, 00, 00, 36, 19, 00, 00, 52, 19, 00, 00, 6A, 19, 00, 00, 80, 19, 00, 00, 98, 19, 00, 00, A8, 19, 00, 00, B6, 19, 00, 00, C6, 19, 00...

Code size:
5.3 KB (5,376 bytes)

Driver
Display name:
Mouse Upper Filter Driver

Service name:
mouse

Type:
Kernel device driver (KernelDriver)

