home

QFMON.SYS

Quality Operate Hawkeye

Quality Corporation

It runs as a Windows file system device driver named “Qfmon”.
Publisher:
Quality Corporation  (signed and verified)

Product:
Quality Operate Hawkeye

Description:
Quality Filter Driver

Version:
2.1.1

MD5:
406ea42f3524afa734a50abef905e5b0

SHA-1:
a01601eaa0302c4931ed822ad2504a71eb3c62f2

SHA-256:
f12c37ea75177c5432a78e40394175383ad77312f421ac228618781fbadfe2fb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 4:01:49 PM UTC  (today)

File size:
60.3 KB (61,792 bytes)

Product version:
2.1.1

Copyright:
Copyright (C) 2009 Quality Corporation.

Original file name:
QFMON.SYS

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\qfmon.sys

Digital Signature
Signed by:
Quality Corporation

Authority:
GlobalSign nv-sa

Valid from:
2/6/2009 5:02:22 PM

Valid to:
2/6/2010 5:02:22 PM

Subject:
E=t.shibuya@quality.co.jp, CN=Quality Corporation, O=Quality Corporation, C=JP

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000011F4AD2C562

File PE Metadata
Compilation timestamp:
10/22/2009 10:48:39 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
768:I8T7oOZ9SdPqw3AzFGrAAeieTmi36VHC4pn+lJNDdYv4qPKzGpiVX3:3T7lSdPqwf8A7eqXHDn+tDuv4PkiJ

Entry address:
0xFA56

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, A0, F5, FF, FF, 46, 69, 6C, 65, 53, 70, 79, 21, 44, 72, 69, 76, 65, 72, 45, 6E, 74, 72, 79, 3A, 20, 45, 72, 72, 6F, 72, 20, 63, 72, 65, 61, 74, 69, 6E, 67, 20, 4B, 74, 6D, 20, 72, 65, 73, 6F, 75, 72, 63, 65, 20, 6D, 61, 6E, 61, 67, 65, 72, 2C, 20, 73, 74, 61, 74, 75, 73, 3D, 25, 30, 38, 78, 0A, 00, CC, 5C, 00, 4E, 00, 74, 00, 66, 00, 73, 00, 00, 00, 5C, 00, 46, 00, 61, 00, 74, 00, 00, 00, 46, 69, 6C, 65, 53, 70, 79, 21, 44, 72, 69, 76, 65, 72, 45, 6E, 74, 72...
 
[+]

Entropy:
6.6663

Code size:
42 KB (43,008 bytes)

Driver
Display name:
Qfmon

Type:
File system 'filter' driver (FileSystemDriver)

Group:
FSFilter Activity Monitor


Scan QFMON.SYS - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.