home

ORMirror.sys

Optimal Remote Mirror Miniport Driver

OPTiM Corporation

It runs as a Windows kernel mode device driver named “ORMirror”.
Publisher:
OPTiM  (signed by OPTiM Corporation)

Product:
Optimal Remote Mirror Miniport Driver

Version:
1.1.0.100

MD5:
dde1e116f2dfd5f62c5f5200344d2b70

SHA-1:
ec4d1ea003afab6e33d96c36707fb9610b7b2ef7

SHA-256:
d0061665dc85c449031a3c26dc9322d772498e108ad95f31f602fca533e5ba23

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 10:32:05 AM UTC  (today)

File size:
8.9 KB (9,160 bytes)

Product version:
1.1.0.100

Copyright:
Copyright (C) 2008 - 2009 OPTiM Corporation

Original file name:
ORMirror.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\ormirror.sys

Digital Signature
Signed by:
OPTiM Corporation

Authority:
Thawte, Inc.

Valid from:
7/28/2010 9:00:00 AM

Valid to:
9/15/2012 8:59:59 AM

Subject:
CN=OPTiM Corporation, OU=SECURE APPLICATION DEVELOPMENT, O=OPTiM Corporation, L=Saga-City, S=Saga, C=JP

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
2B95040DA5766E7F3B4105C92B39711A

File PE Metadata
Compilation timestamp:
9/2/2009 8:52:39 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
96:aMBXgOnFraLG4HWVluxiPoHQjzQMLy+pjZ18gF5oB6pNu7+wQLO:aTOnFrEHWnYyowJL/l8gcou7+wn

Entry address:
0x905

Entry point:
A1, 80, 08, 01, 00, 85, C0, B9, 4E, E6, 40, BB, 74, 04, 3B, C1, 75, 19, A1, 1C, 07, 01, 00, 8B, 00, 35, 80, 08, 01, 00, A3, 80, 08, 01, 00, 75, 06, 89, 0D, 80, 08, 01, 00, E9, DD, FB, FF, FF, CC, CC, CC, 80, 09, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 48, 0A, 00, 00, 0C, 07, 00, 00, 74, 09, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 82, 0A, 00, 00, 00, 07, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 56, 0A, 00, 00, 6C, 0A, 00, 00, 00, 00, 00, 00, EC, 09, 00, 00, FC...
 
[+]

Entropy:
6.2970

Code size:
1.1 KB (1,152 bytes)

Driver
Display name:
ORMirror

Type:
Kernel device driver (KernelDriver)

Group:
Video


Scan ORMirror.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.