shinjbank.sys

Chongqing Shahai Information Tech Co.,Ltd

It runs as a Windows kernel-mode device driver named “shinjbank”.
Publisher:
沙海  (signed by Chongqing Shahai Information Tech Co.,Ltd)

Product:
沙海

Description:
SecurityPassDrv

Version:
3, 0, 0, 0

MD5:
09e45c1c99ddb859bac0f1752ac71a5a

SHA-1:
1978c807ffc1fa0d4ec08da0449f987dadba3308

SHA-256:
88ed68068d6b69af9d9e60b1724eba554bac148f2c9ffb6f9d10ae0f373bc090

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 12:42:51 AM UTC

File size:
145.8 KB (149,312 bytes)

Product version:
3, 0, 0, 0

Copyright:
沙海

Original file name:
SecurityPassDrv.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\shinjbank.sys

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/13/2013 8:00:00 AM

Valid to:
7/13/2014 7:59:59 AM

Subject:
CN="Chongqing Shahai Information Tech Co.,Ltd", OU=IT, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Chongqing Shahai Information Tech Co.,Ltd", L=Chongqing, S=Chongqing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
71825A61C6D3DB1C677B6F98174E44F8

File PE Metadata
Compilation timestamp:
1/10/2014 11:00:07 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
3072:hJwJZUqTuiMsFTFxKG58rPa5RA/smWggh8sfCs0oxn1jds+B:MJZHTbMs/xLubVWxx0o9hdsc

Entry address:
0x8134B

Entry point:
9C, C7, 04, 24, 23, 0B, 04, 04, 9C, E8, 93, 98, FF, FF, 9C, 8D, 64, 24, 44, E8, 6B, 27, FE, FF, 9C, E9, 22, 13, FF, FF, F9, 66, 85, E2, 9C, 87, 74, 24, 08, C1, EE, 10, 66, 0F, B6, F2, 66, F7, D6, 89, FE, E9, B3, 21, FE, FF, 1C, 5E, CB, 3A, 16, 9B, 5F, 8A, FB, 95, 6B, E3, C8, 93, A4, 53, CC, 3B, 3C, CB, E6, 79, DE, 15, 12, E1, 42, B1, 12, 3C, 95, BF, 9C, 6B, 6C, D6, D7, 79, F5, FE, D4, 1B, B4, 88, 67, 9A, C6, 10, 91, 2F, E6, 03, D8, BB, 0A, 54, 04, D1, EA, 6D, E1, 19, E9, 2D, 0E, 70, CD, 24, D4, CE, EB, 55...
 

Entropy:
7.7618  (probably packed)

Code size:
43 KB (44,032 bytes)

Driver
Display name:
shinjbank

Type:
Kernel device driver (KernelDriver)

