» slicdr86.sys
Overview
Analysis
File Details
Behaviors (1)

slicdr86.sys

OEM-SLP2.1 ACPI Patch Driver (HPD86)

Windows 7 Loader XE

It runs as a Windows kernel mode device driver named “SLIC Driver 1.1.0.4”.

File name:

slicdr86.sys

Publisher:

secr9tos (signed by Windows 7 Loader XE)

Product:

OEM-SLP2.1 ACPI Patch Driver (HPD86)

Description:

oem-drv.sys is used to privode SLIC2.1 support for OEM activation of WindowsNT6.1 based systems.

Version:

1.1.0.4 built by: WinDDK

MD5:

87f4d723a69627c79c18190224d0d7e8

SHA-1:

1facb22702bc41111af0a951ce6d8d687a0cce4e

SHA-256:

d41320e2554b14d1acc0c7ac1ce59b32ba063a6d2cccf26e3a4fd12bcf5c175b

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/26/2024 5:42:33 AM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

hacktool program Tool.FakeSLIC.2

9.0.1.05190

ESET NOD32

Win32/HackKMS.M potentially unsafe application

6.3.12010.0

File size:

9.5 KB (9,704 bytes)

Product version:

1.1.0.4

Original file name:

oem-drv.sys

File type:

Driver (Win32 SYS)

Language:

English (United States)

Common path:

C:\Windows\System32\drivers\slicdr86.sys

Digital Signature

Signed by:

Windows 7 Loader XE

Authority:

Windows 7 Loader XE

Valid from:

12/31/1899 9:00:00 PM

Subject:

CN=Windows 7 Loader XE

Issuer:

CN=Windows 7 Loader XE

Serial number:

E5844574E087B08C408DD8D6EFE43DD8

File PE Metadata

Compilation timestamp:

5/18/2010 2:37:29 PM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

9.0

Entry address:

0x41D6

Entry point:

8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 20, FE, FF, FF, CC, CC, 2C, 42, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 52, 43, 00, 00, 08, 20, 00, 00, 24, 42, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 6E, 43, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 60, 43, 00, 00, 00, 00, 00, 00, 8E, 42, 00, 00, A6, 42, 00, 00, BE, 42, 00, 00, CE, 42, 00, 00, D8, 42, 00, 00, E2, 42, 00, 00, 7C, 42, 00, 00, 0C, 43, 00, 00, 18, 43, 00, 00, 22, 43, 00, 00, 34, 43... 
[+]

Entropy:

5.2238

Code size:

4 KB (4,096 bytes)

Driver

Display name:

SLIC Driver 1.1.0.4

Service name:

SLICDR

Type:

Kernel device driver (KernelDriver)

Group:

Boot Bus Extender

Scan slicdr86.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.