home

shieldmi64.sys

EAZ SOLUTION, INC.

Publisher:
EAZ SOLUTION, INC.  (signed and verified)

Description:
WINNT/2K/XP/2003 Driver

Version:
9.1.0.0 built by: WinDDK

MD5:
a766ceb8db35b2e39798e23876cdf994

SHA-1:
2fa791a40deec53e65d5f8326c014dc3f22cbb36

SHA-256:
e8a8ab90e94adca633f4e053ff67255d76b1b710fd73ce9184fb943a2ee9f31d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 10:54:27 PM UTC  (today)

File size:
35.9 KB (36,736 bytes)

Product version:
9.1.0.0

Copyright:
Patent pending. All rights reserved.

Original file name:
SHIELDM.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\system32\drivers\shieldmi64.sys

Digital Signature
Signed by:
EAZ SOLUTION, INC.

Authority:
VeriSign, Inc.

Valid from:
12/9/2009 3:30:00 AM

Valid to:
12/13/2011 3:29:59 AM

Subject:
CN="EAZ SOLUTION, INC.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="EAZ SOLUTION, INC.", L=Richardson, S=Texas, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6B267495B23F12E58FA9155398D8C1FA

File PE Metadata
Compilation timestamp:
6/13/2011 8:53:46 AM

OS version:
5.2

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
768:B9n5qqzEiEVBT6KiAVthBlTjSGubCqCMmz:Dn5qqzElTF3JBl6GuCqCDz

Entry address:
0x80D8

Entry point:
6F, 6D, 2F, 43, 53, 43, 33, 2D, 32, 30, 30, 39, 2D, 32, 2E, 63, 72, 6C, 30, 44, 06, 03, 55, 1D, 20, 04, 3D, 30, 3B, 30, 39, 06, 0B, 60, 86, 48, 01, 86, F8, 45, 01, 07, 17, 03, 30, 2A, 30, 28, 06, 08, 2B, 06, 01, 05, 05, 07, 02, 01, 16, 1C, 68, 74, 74, 70, 73, 3A, 2F, 2F, 77, 77, 77, 2E, 76, 65, 72, 69, 73, 69, 67, 6E, 2E, 63, 6F, 6D, 2F, 72, 70, 61, 30, 13, 06, 03, 55, 1D, 25, 04, 0C, 30, 0A, 06, 08, 2B, 06, 01, 05, 05, 07, 03, 03, 30, 75, 06, 08, 2B, 06, 01, 05, 05, 07, 01, 01, 04, 69, 30, 67, 30, 24, 06...
 
[+]

Entropy:
5.3864

Code size:
25 KB (25,600 bytes)

Scan shieldmi64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.