» NxpCap.sys
Overview
Analysis
File Details
Behaviors (1)

NxpCap.sys

NXP Semiconductors NxpCap

Trident Microsystems, Inc

It runs as a Windows kernel mode device driver named “NXP capture service”.

File name:

NxpCap.sys

Publisher:

NXP Semiconductors Germany GmbH (signed by Trident Microsystems, Inc)

Product:

NXP Semiconductors NxpCap

Description:

NxpCap

Version:

1. 0. 5. 90

MD5:

71f29eb0d39fd655296b5679020bb318

SHA-1:

6859848a4cf63d707638ca71bc2e8968d2103dd3

SHA-256:

9928f4d61f18f64b045a9e8f8a4d7d2174b996233e5b005eb57b9c4da692a7e9

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 10:51:03 AM UTC (today)

File size:

1.5 MB (1,546,904 bytes)

Product version:

1. 0. 5. 90

Trademarks:

NXP Semiconductors Germany GmbH

Original file name:

NxpCap.sys

File type:

Driver (Win32 SYS)

Language:

English (United States)

Common path:

C:\Windows\System32\drivers\nxpcap.sys

Digital Signature

Signed by:

Trident Microsystems, Inc

Authority:

VeriSign, Inc.

Valid from:

5/12/2010 2:00:00 AM

Valid to:

6/12/2012 1:59:59 AM

Subject:

CN="Trident Microsystems, Inc", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Trident Microsystems, Inc", L=Santa Clara, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

6CDC2FF373AD9D403CEC5695F5805440

File PE Metadata

Compilation timestamp:

9/8/2010 11:57:45 AM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

24576:drhZPkDqTRwYURVmFVS+gogP2o+bkGdmK56b+SjmoUhRUbeU5FjzM:drPcfod0b+SsfUvzM

Entry address:

0x16D93E

Entry point:

8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 90, 2D, E9, FF, CC, CC, FC, D9, 16, 00, 00, 00, 00, 00, 00, 00, 00, 00, FA, DB, 16, 00, 34, 5E, 0C, 00, E8, D9, 16, 00, 00, 00, 00, 00, 00, 00, 00, 00, 62, E3, 16, 00, 20, 5E, 0C, 00, 68, DB, 16, 00, 00, 00, 00, 00, 00, 00, 00, 00, 3E, E6, 16, 00, A0, 5F, 0C, 00, C8, D9, 16, 00, 00, 00, 00, 00, 00, 00, 00, 00, E0, E6, 16, 00, 00, 5E, 0C, 00, E4, DB, 16, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E7, 16, 00, 1C, 60, 0C, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Code size:

794 KB (813,056 bytes)

Driver

Display name:

NXP capture service

Service name:

NxpCap

Description:

The NXP PCIe capture driver

Type:

Kernel device driver (KernelDriver)

Scan NxpCap.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.