» slicdr86.sys
Overview
Analysis
File Details
Behaviors (1)

slicdr86.sys

OEM-SLP2.1 ACPI Patch Driver (HPD86)

Windows 7 Loader XE

It runs as a Windows kernel mode device driver named “SLIC Driver 1.1.0.4”.

File name:

slicdr86.sys

Publisher:

secr9tos (signed by Windows 7 Loader XE)

Product:

OEM-SLP2.1 ACPI Patch Driver (HPD86)

Description:

oem-drv.sys is used to privode SLIC2.1 support for OEM activation of WindowsNT6.1 based systems.

Version:

1.1.0.4 built by: WinDDK

MD5:

de2f93aa207d94ce11658a8cdafe1926

SHA-1:

9529e15432fdbf366e9b567e1ec0700ceed891c6

SHA-256:

081fa59d5522f0df5e08c8d550b2f1bffd1c22ca862f82a665447f71861123b7

Scanner detections:

3 / 68

Status:

Clean (3 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/23/2024 4:29:10 PM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Hacktool.Win32.HackKMS

4.0.3.151123

Dr.Web

hacktool program Tool.FakeSLIC.2

9.0.1.05190

ESET NOD32

Win32/HackKMS.M potentially unsafe application

7.0.302.0

File size:

9.5 KB (9,704 bytes)

Product version:

1.1.0.4

Original file name:

oem-drv.sys

File type:

Driver (Win32 SYS)

Common path:

C:\Windows\System32\drivers\slicdr86.sys

Digital Signature

Signed by:

Windows 7 Loader XE

Authority:

Windows 7 Loader XE

Valid from:

12/31/1899 11:00:00 PM

Subject:

CN=Windows 7 Loader XE

Issuer:

CN=Windows 7 Loader XE

Serial number:

E5844574E087B08C408DD8D6EFE43DD8

File PE Metadata

Compilation timestamp:

5/18/2010 4:37:29 PM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

192:iktBVwv8w0XFEhhNAOxJOtBM1wAYngSWh:iktBSv8rFEhk7tBM10ngSK

Entry address:

0x41D6

Entry point:

8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 20, FE, FF, FF, CC, CC, 2C, 42, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 52, 43, 00, 00, 08, 20, 00, 00, 24, 42, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 6E, 43, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 60, 43, 00, 00, 00, 00, 00, 00, 8E, 42, 00, 00, A6, 42, 00, 00, BE, 42, 00, 00, CE, 42, 00, 00, D8, 42, 00, 00, E2, 42, 00, 00, 7C, 42, 00, 00, 0C, 43, 00, 00, 18, 43, 00, 00, 22, 43, 00, 00, 34, 43... 
[+]

Code size:

4 KB (4,096 bytes)

Driver

Display name:

SLIC Driver 1.1.0.4

Service name:

SLICDR

Type:

Kernel device driver (KernelDriver)

Group:

Boot Bus Extender

Scan slicdr86.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.