home

nmlhssrv01.sys

DUZON BizOn co., ltd.

It runs as a Windows kernel mode device driver named “DLP File System Filter”.
Publisher:
DUZON BizOn co., ltd.  (signed and verified)

MD5:
699b790acc9f0a86494e5fa8c041bf55

SHA-1:
a81ba86066e5d33d75f9eb0f191bf2cb0bbd17b3

SHA-256:
a43376ba8600933363d7d541e8ce7d33b448640f6da9d126fe5550fe55e1da8c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
7/6/2025 11:52:18 PM UTC  (a few moments ago)

File size:
41.1 KB (42,072 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\nmlhssrv01.sys

Digital Signature
Signed by:
DUZON BizOn co., ltd.

Authority:
Thawte, Inc.

Valid from:
1/27/2015 9:00:00 AM

Valid to:
1/28/2016 8:59:59 AM

Subject:
CN="DUZON BizOn co., ltd.", O="DUZON BizOn co., ltd.", L=Chuncheon-si, S=Gangwon-do, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
021F9B5806E7C50DBA9EA501FEA709FB

File PE Metadata
Compilation timestamp:
12/11/2015 5:20:31 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
768:J8dyl8tDKRppV6BAM9XSa6LGkhP3exqvJ:mdyeKXpV6ayXSa6zB

Entry address:
0xB03E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, FE, 68, FF, FF, CC, CC, 94, B0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 46, B5, 00, 00, 08, 80, 00, 00, 8C, B0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 74, B5, 00, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 60, B5, 00, 00, 00, 00, 00, 00, 72, B1, 00, 00, 8E, B1, 00, 00, A2, B1, 00, 00, BA, B1, 00, 00, D0, B1, 00, 00, E4, B1, 00, 00, FC, B1, 00, 00, 14, B2, 00, 00, 36, B2, 00, 00, 4E, B2, 00, 00, 66, B2...
 
[+]

Entropy:
6.7078

Code size:
29 KB (29,696 bytes)

Driver
Display name:
DLP File System Filter

Service name:
nmlhssrv01

Type:
Kernel device driver (KernelDriver)


Scan nmlhssrv01.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.