home

ORMirror.sys

Optimal Remote Mirror Miniport Driver

OPTiM Corporation

It runs as a Windows kernel mode device driver named “ORMirror”.
Publisher:
OPTiM  (signed by OPTiM Corporation)

Product:
Optimal Remote Mirror Miniport Driver

Version:
1.1.0.100

MD5:
a4978b9a941200e0c3b6734db95ca109

SHA-1:
95ca848df76d9070de430a315a52d0d56f05a141

SHA-256:
44dd833d9b246ff793c0f9cc680d734f4b6f36db397370d7351c5b090e0fcf2e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 1:22:41 PM UTC  (today)

File size:
8.5 KB (8,744 bytes)

Product version:
1.1.0.100

Copyright:
Copyright (C) 2008 - 2009 OPTiM Corporation

Original file name:
ORMirror.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\ormirror.sys

Digital Signature
Signed by:
OPTiM Corporation

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
8/12/2008 9:00:00 AM

Valid to:
9/15/2010 8:59:59 AM

Subject:
CN=OPTiM Corporation, OU=SECURE APPLICATION DEVELOPMENT, O=OPTiM Corporation, L=Saga-City, S=Saga, C=JP

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
78C7E9EFB646D7CFA6AD24C697538580

File PE Metadata
Compilation timestamp:
9/2/2009 8:52:39 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
96:MBXgOnFraLG4HWVlunrz6vuegOeiPoHQjzQMLy+gIpbjU57MhTrR1:TOnFrEHWnTWOeyowJL/gIG57Mhh1

Entry address:
0x905

Entry point:
A1, 80, 08, 01, 00, 85, C0, B9, 4E, E6, 40, BB, 74, 04, 3B, C1, 75, 19, A1, 1C, 07, 01, 00, 8B, 00, 35, 80, 08, 01, 00, A3, 80, 08, 01, 00, 75, 06, 89, 0D, 80, 08, 01, 00, E9, DD, FB, FF, FF, CC, CC, CC, 80, 09, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 48, 0A, 00, 00, 0C, 07, 00, 00, 74, 09, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 82, 0A, 00, 00, 00, 07, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 56, 0A, 00, 00, 6C, 0A, 00, 00, 00, 00, 00, 00, EC, 09, 00, 00, FC...
 
[+]

Entropy:
6.1715

Code size:
1.1 KB (1,152 bytes)

Driver
Display name:
ORMirror

Type:
Kernel device driver (KernelDriver)

Group:
Video


Scan ORMirror.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.