home

thilmera0b.sys

Gakuto Matsumura

It runs as a Windows kernel mode device driver named “thilmera0 0b81b”.
Publisher:
Gakuto Matsumura  (signed and verified)

MD5:
e4bd48801f8ddd93b5df659f1828a76f

SHA-1:
b8e4099a0959844898042987b789b4a2674664aa

SHA-256:
cf3da08ec67e67680e2971d34bdb659333c57e49f4800ad480845ff1222850a2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 3:51:08 AM UTC  (today)

File size:
12.2 KB (12,488 bytes)

File type:
Driver (Win32 SYS)

Digital Signature
Signed by:
Gakuto Matsumura

Authority:
GlobalSign nv-sa

Valid from:
7/22/2012 9:45:21 AM

Valid to:
4/2/2014 6:29:33 PM

Subject:
CN=Gakuto Matsumura, C=JP

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11212E590E90125C04B1C9638A26F90F2019

File PE Metadata
Compilation timestamp:
1/3/2013 10:56:30 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
192:IeULmV7F1vbZS37QeEu88TgBxe1HCjm+fjTl01VmHsxxm0/Uwy:jz7F1E37Ld8pK5+PYVjY0/Uw

Entry address:
0x113E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 48, F7, FF, FF, CC, CC, A4, 11, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 6C, 12, 00, 00, 98, 0D, 00, 00, 8C, 11, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, DE, 12, 00, 00, 80, 0D, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B2, 12, 00, 00, A0, 12, 00, 00, 8C, 12, 00, 00, 7A, 12, 00, 00, C6, 12, 00, 00, 00, 00, 00, 00, 3C, 12, 00, 00, 24, 12, 00, 00, 0E, 12, 00, 00, F6, 11, 00, 00, DE, 11, 00, 00, 5C, 12, 00, 00, 4E, 12...
 
[+]

Entropy:
6.7186

Code size:
2.8 KB (2,816 bytes)

Driver
Display name:
thilmera0 0b81b

Type:
Kernel device driver (KernelDriver)


Scan thilmera0b.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.