home

nxfilter.sys

NxRay

Swiss Mobility Solutions SA

It runs as a Windows kernel mode device driver named “NxClient Filter3.3.17.0”.
Publisher:
Swiss Mobility Solutions  (signed by Swiss Mobility Solutions SA)

Product:
NxRay

Description:
NxRay Monitor

Version:
3.3.17.0

MD5:
60257d579bcdcd08643ec4e26dafcdac

SHA-1:
6b93972429f47cd49a31fbd026d3c41341647a7f

SHA-256:
5853fe3bf60799feec55f6371af55124dea9574cb5a7ad27fcda7756104bb0a1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 6:57:28 PM UTC  (today)

File size:
29.5 KB (30,192 bytes)

Product version:
3.3.17.0

Copyright:
Copyright (C) 2009-2013 Swiss Mobility Solutions

Original file name:
nxfilter

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\nxfilter.sys

Digital Signature
Signed by:
Swiss Mobility Solutions SA

Authority:
GlobalSign nv-sa

Valid from:
4/3/2012 3:15:03 PM

Valid to:
5/4/2014 3:15:03 PM

Subject:
CN=Swiss Mobility Solutions SA, O=Swiss Mobility Solutions SA, C=CH

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112153EF67432E820108A759533018011C80

File PE Metadata
Compilation timestamp:
10/16/2013 11:20:11 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
10.0

CTPH (ssdeep):
384:CuV2/3+qzBKBGVpW2d8rKT9iB+7HMt9Qr9TldWmFAda3YIJyliAwc1Fi9S6/dFnA:C+E3+Rlx+7lMmea3KcAE/r2/p4Ti/

Entry address:
0x4CB4

Entry point:
8B, FF, 55, 8B, EC, E8, C2, FF, FF, FF, 5D, E9, DF, C7, FF, FF, 0C, 4D, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F0, 4F, 00, 00, 0C, 47, 00, 00, 00, 4D, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 44, 50, 00, 00, 00, 47, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 30, 50, 00, 00, 1C, 50, 00, 00, 00, 00, 00, 00, 7A, 4E, 00, 00, 92, 4E, 00, 00, B2, 4E, 00, 00, CE, 4E, 00, 00, DA, 4E, 00, 00, E4, 4E, 00, 00, EE, 4E, 00, 00, 00, 4F, 00, 00, 12, 4F, 00, 00, 28, 4F, 00, 00...
 
[+]

Code size:
18.8 KB (19,200 bytes)

Driver
Display name:
NxClient Filter3.3.17.0

Service name:
nxfilter

Type:
Kernel device driver (KernelDriver)


Scan nxfilter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.