» roliMIDI.sys
Overview
Analysis
File Details
Behaviors (1)

roliMIDI.sys

ROLI MIDI Driver

Tobias Erichsen

It runs as a Windows 64-bit kernel mode device driver named “ROLI MIDI Driver (x64)”.

File name:

roliMIDI.sys

Publisher:

ROLI Ltd. (signed by Tobias Erichsen)

Product:

ROLI MIDI Driver

Description:

ROLI MIDI Driver (x64)

Version:

1.0.5.0

MD5:

02250dd8944e142e2c6e42b5c6f041ee

SHA-1:

556c02d7fbd9a7478d0a843183c70c1e0c6707cb

SHA-256:

7fb11254a03b3a9310782ffb11cca99f69bf22604b51d934e393a6f00311ba9c

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/6/2024 8:06:08 AM UTC (today)

File size:

32.6 KB (33,336 bytes)

Product version:

1.0.5.0

Original file name:

roliMIDI.sys

File type:

Driver (Win64 SYS)

Language:

English (United States)

Common path:

C:\Windows\System32\drivers\rolimidi.sys

Digital Signature

Signed by:

Tobias Erichsen

Authority:

GlobalSign nv-sa

Valid from:

1/27/2014 3:38:13 AM

Valid to:

3/14/2017 4:31:09 AM

Subject:

CN=Tobias Erichsen, O=Tobias Erichsen, L=Wolfsburg, S=Niedersachsen, C=DE

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121BECB709F392843CEC40A92EC39AC5C2A

File PE Metadata

Compilation timestamp:

4/15/2016 8:04:43 PM

OS version:

6.1

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

384:rtQl8TazM5+l1shrTa06Lt6Qe0mzQxEozV82EV4a4wW8pQiEz6RIGLgIKJ7P5IYj:Ta3Uvape3zQxGzj4SpQR6xXQbAU

Entry address:

0x2A50

Entry point:

48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8B, DA, 48, 8B, F9, E8, 03, 97, 00, 00, 48, 8B, D3, 48, 8B, CF, 48, 8B, 5C, 24, 30, 48, 83, C4, 20, 5F, E9, AE, FE, FF, FF, CC, CC, CC, CC, CC, CC, 48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8B, 05, A7, 2B, 00, 00, 48, 8B, F9, 48, 8D, 0D, 85, 2B, 00, 00, 48, 8D, 1D, 8E, 2B, 00, 00, 48, 3B, C1, 74, 45, 48, 3B, D8, 77, 40, 48, 8B, 43, 40, 48, 85, C0, 74, 18, 4C, 8B, 05, 2C, 38, 00, 00, 48, 8D, 0D, 6F, 02, 00, 00, 4C, 8B, CB, 48, 8B, D7, FF, D0, EB, 12, 48, 8B, 15... 
[+]

Entropy:

6.2129

Code size:

18 KB (18,432 bytes)

Driver

Display name:

ROLI MIDI Driver (x64)

Service name:

roliMIDI

Type:

Kernel device driver (KernelDriver)

Scan roliMIDI.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.