home

sptd.sys

SCSI Pass Through Direct

Duplex Secure Ltd

It runs as a Windows 64-bit kernel mode device driver named “sptd”.
Publisher:
Duplex Secure Ltd.  (signed by Duplex Secure Ltd)

Product:
SCSI Pass Through Direct

Description:
SCSI Pass Through Direct Host

Version:
1.76.0.0 built by: WinDDK

MD5:
4b3f898dc1378ced2f35d04e5b0ce0df

SHA-1:
407a9f58caf58d156f4c1a82bd93bbec295dd662

SHA-256:
d49ac7e72c2e57011308f6aa9c259c197853d5778187821c0bb83842e083b7d5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/10/2024 1:59:17 PM UTC  (today)

File size:
501.1 KB (513,080 bytes)

Product version:
1.76.0.0

Copyright:
Copyright (C) 2004

Original file name:
sptd.sys

File type:
Driver (Win64 SYS)

Common path:
C:\Windows\System32\drivers\sptd.sys

Digital Signature
Signed by:
Duplex Secure Ltd

Authority:
VeriSign, Inc.

Valid from:
7/21/2010 3:00:00 AM

Valid to:
8/22/2013 2:59:59 AM

Subject:
CN=Duplex Secure Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Duplex Secure Ltd, S=Nevis, C=KN

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
621126C5A45D51531C0B913750EBA75C

File PE Metadata
Compilation timestamp:
11/23/2010 2:47:37 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
12288:IAjX/U4L6pRY2lv52MNiqNuvyVu6I6ar+aaoMTqbeG/Kf772BM:ISfL6LJqMNipWu6I6aFavceJD6BM

Entry address:
0x15C47A

Entry point:
E9, FB, 67, FA, FF, E9, DC, 21, FC, FF, E9, C6, A6, F8, FF, E9, D7, B2, FB, FF, 00, 00, 77, 63, 73, 73, 74, 72, 00, 0F, 82, C3, F6, FF, FF, F8, F9, 48, 3B, 45, F0, E9, CC, E8, FF, FF, 20, 32, F1, DC, 78, 88, DE, 9D, EF, 42, 86, 78, 85, 1D, 2A, B4, 27, 5F, 6E, 1E, 84, BC, DF, B4, AE, 69, A0, 77, BF, F9, 0F, 08, 34, D0, 95, 72, 41, 03, 9A, 29, 13, 24, 2A, D4, F3, 76, 07, 32, 0B, 6C, 1D, FD, 12, 81, 45, 41, C2, F7, 4B, 9C, 57, D9, F0, FC, 21, CC, B9, 02, 42, F7, 89, AB, 9C, A4, C3, D0, A6, C9, 16, CB, AF, 8F...
 
[+]

Entropy:
7.8823

Packer / compiler:
Xtreme-Protector v1.05

Code size:
538.5 KB (551,424 bytes)

Driver
Display name:
sptd

Type:
Kernel device driver (KernelDriver)

Group:
Boot Bus Extender


Scan sptd.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.