ps7apl4b.sys

Prostokvashino: Dada Fodor ychitsya risovat

Protection Technology, Ltd.

It runs as a Windows kernel mode device driver named “Prostokvashino: Dada Fodor ychitsya risovat Synchronization Driver (ps7apl4b)”.

Publisher:
Akella (signed by Protection Technology, Ltd.)

Product:
Prostokvashino: Dada Fodor ychitsya risovat

Description:
Prostokvashino: Dada Fodor ychitsya risovat Synchronization Driver

Version:
7.07

MD5:
ea496ccbf196a2941f808a585e827b54

SHA-1:
a88a900ed51692319e8c67428ddd67a6b45d2ea3

SHA-256:
59ee6ce9e0c06d99ae6e795f8e6921ef32bc9760a14249b6214d1e6eb5ea6b15

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 11:21:43 PM UTC

File size:
101.2 KB (103,624 bytes)

Product version:
5.00.007.003

Copyright:
© Akella

Original file name:
ps7apl4b.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\ps7apl4b.sys

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
12/11/2006 2:00:00 AM

Valid to:
12/18/2007 1:59:59 AM

Subject:
CN="Protection Technology, Ltd.", OU=Software Development, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Protection Technology, Ltd.", L=Moscow, S=Not present, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
38DD11538B52547E5F77805DCB327BCC

File PE Metadata
Compilation timestamp:
11/30/2007 7:57:23 PM

OS version:
5.2

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
3072:ZPxuuEityCWjItBujbvviz8co/wcZk/1a:ZGCyCeItBujbvviz8co/wKk/k

Entry address:
0xDAE0

Entry point:
8B, CE, 4D, 8B, C7, 49, 8B, CB, E8, CF, EC, FF, FF, 8B, F8, 85, FF, 74, 34, 81, FF, 07, 00, 07, F2, 75, 6C, 83, C3, 01, 3B, 1E, 72, 88, BA, 50, 53, 37, 43, 48, 8D, 4C, 24, 20, E8, 4B, 0C, FF, FF, B8, 06, 00, 07, F2, 48, 83, C4, 48, 41, 5F, 41, 5E, 41, 5D, 41, 5C, 5F, 5E, 5D, 5B, C3, 4D, 85, ED, 74, 12, 8B, C3, 48, 69, C0, 28, 01, 00, 00, 48, 8B, 44, 30, 18, 49, 89, 45, 00, 4D, 85, E4, 74, 11, 8B, C3, 48, 69, C0, 28, 01, 00, 00, 8B, 44, 30, 20, 41, 89, 04, 24, BA, 50, 53, 37, 43, 48, 8D, 4C, 24, 20, E8, F9...
 
Code size:
70 KB (71,680 bytes)

Driver
Display name:
Prostokvashino: Dada Fodor ychitsya risovat Synchronization Driver (ps7apl4b)

Service name:
ps7apl4b

Type:
Kernel device driver (KernelDriver)

Group:
Boot Bus Extender