home

rstdisk.sys

还原驱动

Hangzhou Shunwang Information Technology Co., Ltd

It runs as a Windows kernel mode device driver named “RstDisk”.
Publisher:
杭州顺网科技股份有限公司  (signed by Hangzhou Shunwang Information Technology Co., Ltd)

Product:
还原驱动

Description:
RestoreDisk.sys

Version:
2010,10,20,15 built by: WinDDK

MD5:
df295e8c3fbf9fb882339dc1e43257a4

SHA-1:
51103b8be4d5187d0980112d444d0dd2d23b4fbe

SHA-256:
8be253aa8e5fed1c3d827d6be1d02b9c42dbd95cc38e6517bfd5aa3c841a9f2e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 10:26:38 AM UTC  (today)

File size:
48.8 KB (50,000 bytes)

Product version:
0, 1, 20101020,15

Copyright:
版权所有 (C) 杭州顺网科技股份有限公司

Original file name:
RestoreDisk.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\rstdisk.sys

Digital Signature
Signed by:
Hangzhou Shunwang Information Technology Co., Ltd

Authority:
GlobalSign nv-sa

Valid from:
6/26/2009 1:34:08 PM

Valid to:
6/27/2011 1:34:04 PM

Subject:
CN="Hangzhou Shunwang Information Technology Co., Ltd", OU="Hangzhou Shunwang Information Technology Co., Ltd", O="Hangzhou Shunwang Information Technology Co., Ltd", C=CN

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
010000000001221B4097E0

File PE Metadata
Compilation timestamp:
10/20/2010 3:35:23 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
768:aWBhpX6zOOWUVw+FyDgTrYf/4ppA22GASNIVObhkEF6gXL5i:aaqqOWUV10Icn45zjN2E9X0

Entry address:
0x9485

Entry point:
8B, FF, 55, 8B, EC, A1, 30, 92, 01, 00, 85, C0, B9, 4E, E6, 40, BB, 74, 04, 3B, C1, 75, 1A, A1, E8, 8C, 01, 00, 8B, 00, 35, 30, 92, 01, 00, A3, 30, 92, 01, 00, 75, 07, 8B, C1, A3, 30, 92, 01, 00, F7, D0, A3, 34, 92, 01, 00, 5D, E9, 41, 75, FF, FF, CC, 0C, 95, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F2, 9D, 00, 00, 8C, 8B, 00, 00, 00, 95, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 2C, 9E, 00, 00, 80, 8B, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 9E, 00, 00, 16...
 
[+]

Entropy:
6.5825

Code size:
36.3 KB (37,120 bytes)

Driver
Display name:
RstDisk

Type:
Kernel device driver (KernelDriver)


Scan rstdisk.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.