sddiskctrl.sys

DriverDevelop.com

The file sddiskctrl.sys by DriverDevelop.com has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory.
Publisher:
DriverDevelop.com  (signed and verified)

MD5:
9ad8ee01c9572b1b114e4321b29ee33d

SHA-1:
847b542b7fb74d0a4abce2e26e1af0cd9b298206

SHA-256:
2fe80006cc79de9fa01eac8846e62ad6e19bfc85c117f52ff14bf5ca47486300

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
4/26/2024 1:26:20 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
16.11.13.0

File size:
24.9 KB (25,512 bytes)

File type:
Driver (Win64 SYS)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\dxr格式化工具 v20141212\ia64\sddiskctrl.sys

Digital Signature
Authority:
DriverDevelop.com

Valid from:
8/15/2009 11:02:01 AM

Valid to:
8/13/2019 11:02:01 AM

Subject:
E=ca@zndev.com, CN=DriverDevelop.com Signtools Test cert, OU=Dept. CodeSign CA, O=DriverDevelop.com, S=BeiJing, C=CN

Issuer:
E=ca@zndev.com, CN=DriverDevelop.com CA, OU=DriverDevelop.com CA, O=DriverDevelop.com, L=BeiJing, S=BeiJing, C=CN

Serial number:
011E

File PE Metadata
Compilation timestamp:
6/6/2012 2:48:16 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
384:pispoQpRvQvV0R4H5ljfDoEkUYczVKOC3mirILF6j1Y:pi8oL0CH5ljAUYKdVIILFmi

Entry address:
0x6020

Entry point:
A0, E0, 01, 00, 00, 00, 00, 00, 00, A0, 21, 00, 00, 00, 00, 00, 40, 30, 01, 00, 00, 00, 00, 00, 00, A0, 21, 00, 00, 00, 00, 00, A0, 23, 01, 00, 00, 00, 00, 00, 00, A0, 21, 00, 00, 00, 00, 00, A0, 25, 01, 00, 00, 00, 00, 00, 00, A0, 21, 00, 00, 00, 00, 00, E0, 3D, 01, 00, 00, 00, 00, 00, 00, A0, 21, 00, 00, 00, 00, 00, E0, 48, 01, 00, 00, 00, 00, 00, 00, A0, 21, 00, 00, 00, 00, 00, 52, 53, 44, 53, A6, AD, ED, 32, 4D, D4, 09, 4A, BC, D5, 6D, 53, 60, F4, 2A, 5B, 01, 00, 00, 00, 65, 3A, 5C, 73, 6F, 75, 72, 63...
Entropy:
5.6072

Code size:
15 KB (15,360 bytes)
