home

sk_ndis.sys

Lumension Endpoint Security

Lumension Security

It runs as a Windows kernel mode device driver named “SK-NDIS LightWeight Filter”.
Publisher:
Lumension Security, Inc.  (signed by Lumension Security)

Product:
Lumension Endpoint Security

Description:
Lumension Endpoint Security NDIS Kernel Driver

Version:
4.6.428

MD5:
70e5303e8bad69c49bccc909a9934287

SHA-1:
175d9eec56c523e34926a590cfd36fc17dcc26be

SHA-256:
3db24995463a925b6fbd4d230b3c17759bfdd3df52974946ffce29b31a84d095

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 4:43:37 PM UTC  (today)

File size:
11.7 KB (12,008 bytes)

Product version:
4.6

Copyright:
© 2000-2015 Lumension Security, Inc. All rights reserved.

Trademarks:
Lumension®, Lumension® Endpoint Security Suite, Lumension® Device Control, Lumension® Application Control, the Lumension logo, and all other trademark

Original file name:
sk_ndis.sys

File type:
Driver (Win32 SYS)

Language:
Language Neutral

Common path:
C:\Windows\System32\drivers\sk_ndis.sys

Digital Signature
Signed by:
Lumension Security

Authority:
VeriSign, Inc.

Valid from:
9/12/2012 3:00:00 AM

Valid to:
10/10/2015 1:59:59 AM

Subject:
CN=Lumension Security, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Lumension Security, L=Scottsdale, S=Arizona, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
281C5F55A11ACB189F4A0CAC517EC32A

File PE Metadata
Compilation timestamp:
10/9/2015 3:23:18 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
192:LPj/ynYe+PjPwjrJYb+vjcCljtlAur9ZCspE+TMArE02Lv:HanYPLwZGcUHeMDv

Entry address:
0x6BE

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, C2, FD, FF, FF, CC, CC, 0C, 07, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 2A, 07, 00, 00, 00, 05, 00, 00, 14, 07, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 46, 07, 00, 00, 08, 05, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 1C, 07, 00, 00, 00, 00, 00, 00, 38, 07, 00, 00, 00, 00, 00, 00, 66, 02, 4B, 65, 54, 69, 63, 6B, 43, 6F, 75, 6E, 74, 00, 6E, 74, 6F, 73, 6B, 72, 6E, 6C, 2E, 65, 78, 65, 00, 00, 00, 00, 5F, 53, 74, 61...
 
[+]

Entropy:
6.4009

Code size:
384 Bytes (384 bytes)

Driver
Display name:
SK-NDIS LightWeight Filter

Service name:
sk-ndis-lwf

Type:
Kernel device driver (KernelDriver)

Group:
NDIS


Scan sk_ndis.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.