home

shisrcb64.sys

Chongqing Shahai Information Tech Co.,Ltd

It runs as a Windows 64-bit kernel mode device driver named “SHISRCB”.
Publisher:
沙海  (signed by Chongqing Shahai Information Tech Co.,Ltd)

Product:
沙海

Description:
SecurityPassDrv

Version:
3, 0, 0, 0

MD5:
d31eea0b918b2fcacb7ba02cf48f6887

SHA-1:
443c5e16ddadd7c0e228466ec0d8d843f4c252df

SHA-256:
de578fe724d70ea5f50d6c582352f7879ae4617213cbdb913fdac403da9129ac

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/29/2024 3:33:19 PM UTC  (today)

File size:
457.6 KB (468,624 bytes)

Product version:
3, 0, 0, 0

Copyright:
沙海

Original file name:
SecurityPassDrv.sys

File type:
Driver (Win64 SYS)

Common path:
C:\windows\syswow64\drivers\shisrcb64.sys

Digital Signature
Signed by:
Chongqing Shahai Information Tech Co.,Ltd

Authority:
VeriSign, Inc.

Valid from:
6/26/2014 8:00:00 AM

Valid to:
8/26/2015 7:59:59 AM

Subject:
CN="Chongqing Shahai Information Tech Co.,Ltd", OU=IT, O="Chongqing Shahai Information Tech Co.,Ltd", L=Chongqing, S=Chongqing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7ABA7B20248A50ACD93F3A01195662E1

File PE Metadata
Compilation timestamp:
3/23/2015 10:47:12 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
6144:q+KzDOocqqDL6E4wKWWGUBsQveI+NqrMe:RWx5qn6E4wNWGUTehUf

Entry address:
0x64FE7

Entry point:
0F, 80, B3, 13, 00, 00, 68, 68, A1, 01, 87, E9, D4, 4E, 00, 00, F3, A7, 4D, AC, 4F, 4D, CC, 2B, 94, 58, D8, F7, FB, 5F, DF, B6, 56, 65, 69, 7D, 71, 2D, E5, 07, 07, 82, 96, 02, 16, 72, 86, C2, F6, FA, EE, B2, 42, 99, EE, B6, 91, 01, 03, 4E, 3F, 40, AC, C4, EE, 2F, E9, 08, 36, 3A, 4E, B0, CA, 77, 72, 72, 69, D4, F7, FB, C7, 48, 10, 17, D7, FA, EE, 62, 66, F2, E6, 8A, 52, 0C, 8C, 33, 5A, A8, CF, DD, 04, 0A, 6D, C7, 12, AA, 13, 77, 07, 2E, 00, D9, C1, 08, AA, D1, 1C, 98, 01, 6D, FD, 04, A6, 9A, 1B, 24, 65, E9...
 
[+]

Entropy:
3.8172

Code size:
44.4 KB (45,440 bytes)

Driver
Display name:
SHISRCB

Type:
Kernel device driver (KernelDriver)


Scan shisrcb64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.