home

ProtoDrv.sys

360ARP防火墙

Qizhi Software (beijing) Co. Ltd

Publisher:
360安全中心  (signed by Qizhi Software (beijing) Co. Ltd)

Product:
360ARP防火墙

Description:
360AntiARP

Version:
1, 0, 1, 1001

MD5:
77bd3c62544ae5ec24ed08a08d8090a9

SHA-1:
4e44393b78cc1b584fc83fcd529478b7db8f4b9d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 12:22:17 AM UTC  (today)

File size:
16 KB (16,384 bytes)

Product version:
1, 0, 1, 1001

Copyright:
版权所有 (C) 2007-2008 360安全中心

Original file name:
ProtoDrv.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\protodrv.sys

Digital Signature
Signed by:
Qizhi Software (beijing) Co. Ltd

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
11/24/2006 8:00:00 AM

Valid to:
11/24/2008 7:59:59 AM

Subject:
CN=Qizhi Software (beijing) Co. Ltd, OU=Secure Application Development, O=Qizhi Software (beijing) Co. Ltd, L=Beijing, S=Beijing, C=CN

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
613BF885496412207ECB70ACFAC6755B

File PE Metadata
Compilation timestamp:
3/25/2008 5:33:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
6.0

CTPH (ssdeep):
384:0KRwVYbPcNQD2mlJEsElDzGcCDVnNYJLPGl:0QOxODvly/GcC5n4LI

Entry address:
0x14D0

Entry point:
55, 8B, EC, 81, EC, 90, 00, 00, 00, 57, C7, 45, E4, 00, 00, 00, 00, C7, 45, E8, 00, 00, 00, 00, 66, C7, 45, EC, 0C, 00, 66, C7, 45, EE, 0E, 00, C7, 45, F0, 48, 40, 40, 00, C6, 45, F4, 00, 8B, 45, 08, A3, E8, 40, 40, 00, 68, 58, 40, 40, 00, 8D, 4D, DC, 51, FF, 15, 7C, 30, 40, 00, 8D, 55, E8, 52, 6A, 00, 6A, 00, 6A, 22, 8D, 45, DC, 50, 6A, 00, 8B, 4D, 08, 51, FF, 15, 80, 30, 40, 00, 89, 45, E4, 83, 7D, E4, 00, 7D, 05, E9, 70, 01, 00, 00, 68, 80, 40, 40, 00, 8D, 55, F8, 52, FF, 15, 7C, 30, 40, 00, 8D, 45, DC...
 
[+]

Entropy:
6.2393

Developed / compiled with:
Microsoft Visual C++

Code size:
7 KB (7,168 bytes)

Scan ProtoDrv.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.