home

msntrs.sys

UBT (EU) Ltd.

It runs as a Windows kernel mode device driver named “msntrs”.
Publisher:
UBT (EU) Ltd.  (signed and verified)

Version:
3.0.0.30

MD5:
ea72db1a4f00fcb8ee1148165b033ef0

SHA-1:
e11802c315974d58f8e333163c836ae25f54a2d1

SHA-256:
ecb98cf957269554bc455f2d2f20e9b256786676937aed7dc2c8aa3316b4251c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 3:10:48 PM UTC  (today)

File size:
47 KB (48,144 bytes)

Product version:
1.4.6.15300

Original file name:
msntrs.sys

File type:
Driver (Win32 SYS)

Language:
Language Neutral

Common path:
C:\Windows\System32\drivers\msntrs.sys

Digital Signature
Signed by:
UBT (EU) Ltd.

Authority:
DigiCert Inc

Valid from:
10/2/2013 8:00:00 AM

Valid to:
11/23/2016 8:00:00 PM

Subject:
CN=UBT (EU) Ltd., O=UBT (EU) Ltd., L=Warwick, S=Warwickshire, C=GB, PostalCode=CV34 6BY, STREET=Exchange Place, STREET=Poseidon Way, SERIALNUMBER=04938684, OID.1.3.6.1.4.1.311.60.2.1.3=GB, OID.2.5.4.15=Private Organization

Issuer:
CN=DigiCert EV Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0866E7116A24936937CF0BDF14F77E4B

File PE Metadata
Compilation timestamp:
9/1/2016 10:06:59 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
768:pUduw2+bhLVG8AMC+Kg4a0MJm1hgr0u3GTn1:pWuyLU3b+5J32D1

Entry address:
0x46B6

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 40, FF, FF, FF, 4C, 6F, 67, 20, 61, 63, 74, 69, 76, 65, 0D, 0A, 00, CC, FC, 46, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 7E, 4C, 00, 00, 00, 3F, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E8, 47, 00, 00, 00, 48, 00, 00, 0A, 48, 00, 00, 1E, 48, 00, 00, 3A, 48, 00, 00, 52, 48, 00, 00, 6A, 48, 00, 00, 88, 48, 00, 00, A4, 48, 00, 00, BE, 48, 00, 00, D0, 48, 00, 00, E8, 48, 00, 00, F8, 48, 00, 00, 10, 49, 00, 00, 22, 49...
 
[+]

Entropy:
7.0580

Code size:
16.4 KB (16,768 bytes)

Driver
Display name:
msntrs

Type:
Kernel device driver (KernelDriver)


Scan msntrs.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.