home

staropen.sys

Rocket Division Software Ltd

It runs as a Windows file system device driver named “StarOpen”.
Publisher:
Rocket Division Software Ltd  (signed and verified)

MD5:
98cc62d026a7c6f53ad7f0a588917e37

SHA-1:
aa073c9a90c2d10a5f4811dbe4481c388bcacb00

SHA-256:
cc72c7cd04785dbe8120bc085b50176bd13c4b953437c205ebaddcc6b01e0dcc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 3:16:23 PM UTC  (today)

File size:
12.1 KB (12,384 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\staropen.sys

Digital Signature
Signed by:
Rocket Division Software Ltd

Authority:
VeriSign, Inc.

Valid from:
12/3/2009 1:00:00 AM

Valid to:
12/4/2011 12:59:59 AM

Subject:
CN=Rocket Division Software Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Rocket Division Software Ltd, L=Road Town, S=Tortola, C=VG

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7E61DC5C0F982314DBBFC03344126EB3

File PE Metadata
Compilation timestamp:
1/14/2010 11:39:52 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
384:MBKCuoZYVEe/SfYqNYJLu1Sn2Mu6HbCE8wv:2ZY1k4LWS2MuCbCE8o

Entry address:
0x403E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 8A, D3, FF, FF, CC, CC, 78, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 54, 42, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, D4, 40, 00, 00, E2, 40, 00, 00, F0, 40, 00, 00, 06, 41, 00, 00, 18, 41, 00, 00, 30, 41, 00, 00, 48, 41, 00, 00, 60, 41, 00, 00, 6A, 41, 00, 00, 7E, 41, 00, 00, 92, 41, 00, 00, A0, 41, 00, 00, C0, 41, 00, 00, D4, 41, 00, 00, EC, 41, 00, 00, F6, 41, 00, 00, 10, 42, 00, 00, 28, 42...
 
[+]

Code size:
4 KB (4,096 bytes)

Driver
Display name:
StarOpen

Type:
File system 'filter' driver (FileSystemDriver)

Group:
Extended Base


Scan staropen.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.