» prwntdrv.sys
Overview
Analysis
File Details
Behaviors (1)

prwntdrv.sys

CHENGDU YIWO Tech Development Co., Ltd.

It runs as a Windows 64-bit kernel mode device driver named “prwntdrv”.

File name:

prwntdrv.sys

Publisher:

CHENGDU YIWO Tech Development Co., Ltd. (signed and verified)

MD5:

c590535d68fd6c84707dc1debd2afd68

SHA-1:

9e216cdb0d8857bf4c78da61c062d29f5e9a751e

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 12:08:15 PM UTC (today)

File size:

12.8 KB (13,064 bytes)

File type:

Driver (Win64 SYS)

Common path:

C:\Windows\System32\prwntdrv.sys

Digital Signature

Signed by:

CHENGDU YIWO Tech Development Co., Ltd.

Authority:

VeriSign, Inc.

Valid from:

8/14/2008 2:00:00 AM

Valid to:

8/15/2011 1:59:59 AM

Subject:

CN="CHENGDU YIWO Tech Development Co., Ltd.", OU=Provided by WoSign.com, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="CHENGDU YIWO Tech Development Co., Ltd.", L=Chengdu, S=Sichuan, C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

6CF2F27C3DF2FB0E3783AAD54578AA7E

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

384:i946pOZL9c5dC38eT0Mlmmp82Cd6jVQbnh:O4YeTzlJS2cmWbnh

Driver

Display name:

prwntdrv

Type:

Kernel device driver (KernelDriver)

Group:

Boot File System

Scan prwntdrv.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.