home

shdbusi64.sys

New Horizon DataSys Inc.

Publisher:
New Horizon DataSys Inc.  (signed and verified)

Description:
WINNT/2K/XP/2003 Driver

Version:
9.1.0.0 built by: WinDDK

MD5:
e0267ed1b34090caad0a2a3f57397b34

SHA-1:
53ddf14684d6e4fe95ba8c5ef296aad265e4cfa0

SHA-256:
6d81f260689178c67f5ecadac8f9d7c41d6aba22b992cd7fc0090e9736bdf8f3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 7:47:50 AM UTC  (today)

File size:
13.4 KB (13,768 bytes)

Product version:
9.1.0.0

Copyright:
Patent pending. All rights reserved.

Original file name:
SHDBUS.sys

File type:
Driver (Win64 SYS)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\multirecovery\setup\system32\drivers\shdbusi64.sys

Digital Signature
Signed by:
New Horizon DataSys Inc.

Authority:
VeriSign, Inc.

Valid from:
10/4/2010 9:00:00 AM

Valid to:
9/25/2011 8:59:59 AM

Subject:
CN=New Horizon DataSys Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=New Horizon DataSys Inc., L=Vancouver, S=British Columbia, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7882ED6A78D620D16B75B381639C4CC8

File PE Metadata
Compilation timestamp:
3/11/2011 2:51:43 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
192:rlTdxUxkMt+SdhY0baQpkqs1I5ZgjluOq+ebCfedyxq:xc3MSfI1M6jL8bCWn

Entry address:
0x4050

Entry point:
00, 26, 01, 00, 00, 00, 00, 00, 00, 80, 21, 00, 00, 00, 00, 00, 52, 53, 44, 53, 59, E2, F0, 2D, 17, 25, 8B, 40, 9A, 3B, 59, C4, C8, 40, 51, 09, 01, 00, 00, 00, 45, 3A, 5C, 63, 76, 73, 68, 6F, 6D, 65, 5C, 6E, 65, 77, 64, 6F, 77, 6E, 6C, 6F, 61, 64, 5C, 73, 79, 73, 5F, 73, 68, 69, 65, 6C, 64, 5C, 49, 6E, 64, 65, 70, 65, 6E, 64, 65, 6E, 74, 5C, 44, 52, 49, 56, 45, 52, 5C, 57, 49, 4E, 4E, 54, 5C, 53, 48, 44, 42, 55, 53, 5C, 6F, 62, 6A, 66, 72, 65, 5F, 77, 6E, 65, 74, 5F, 49, 41, 36, 34, 5C, 69, 61, 36, 34, 5C...
 
[+]

Entropy:
5.3560

Code size:
4.5 KB (4,608 bytes)

Scan shdbusi64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.