home

shieldmi64.sys

EAZ SOLUTION, INC.

Publisher:
EAZ SOLUTION, INC.  (signed and verified)

Description:
WINNT/2K/XP/2003 Driver

Version:
9.1.0.0 built by: WinDDK

MD5:
d85e92ba039a20e20509afbf6c0c40a7

SHA-1:
cb5d0a1119b4e4f401a505779f6c164f74deb44e

SHA-256:
940de4b4013dffed2ae188d50350df6207b799dd1c15ff92e4c307cd87422eb4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 1:09:59 AM UTC  (today)

File size:
35.9 KB (36,736 bytes)

Product version:
9.1.0.0

Copyright:
Patent pending. All rights reserved.

Original file name:
SHIELDM.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\drivers\shieldmi64.sys

Digital Signature
Signed by:
EAZ SOLUTION, INC.

Authority:
VeriSign, Inc.

Valid from:
12/9/2009 3:30:00 AM

Valid to:
12/13/2011 3:29:59 AM

Subject:
CN="EAZ SOLUTION, INC.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="EAZ SOLUTION, INC.", L=Richardson, S=Texas, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6B267495B23F12E58FA9155398D8C1FA

File PE Metadata
Compilation timestamp:
3/4/2010 6:36:18 AM

OS version:
5.2

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
768:x9BK5qqzsIUBfBh85hhBayTjSG/bCqCMmo:zBK5qqzsv5iBBay6GTCqCDo

Entry address:
0x80D8

Entry point:
6F, 6D, 2F, 43, 53, 43, 33, 2D, 32, 30, 30, 39, 2D, 32, 2E, 63, 72, 6C, 30, 44, 06, 03, 55, 1D, 20, 04, 3D, 30, 3B, 30, 39, 06, 0B, 60, 86, 48, 01, 86, F8, 45, 01, 07, 17, 03, 30, 2A, 30, 28, 06, 08, 2B, 06, 01, 05, 05, 07, 02, 01, 16, 1C, 68, 74, 74, 70, 73, 3A, 2F, 2F, 77, 77, 77, 2E, 76, 65, 72, 69, 73, 69, 67, 6E, 2E, 63, 6F, 6D, 2F, 72, 70, 61, 30, 13, 06, 03, 55, 1D, 25, 04, 0C, 30, 0A, 06, 08, 2B, 06, 01, 05, 05, 07, 03, 03, 30, 75, 06, 08, 2B, 06, 01, 05, 05, 07, 01, 01, 04, 69, 30, 67, 30, 24, 06...
 
[+]

Entropy:
5.3720

Code size:
25 KB (25,600 bytes)

Scan shieldmi64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.