tizek64.sys

Tomislav Zubcic

It runs as a Windows 64-bit kernel mode device driver named “tizekdrv”.
Publisher:
Tomislav Zubcic  (signed and verified)

MD5:
a808347708c36d6d90bff27813fbbaaf

SHA-1:
9042db5b40049321c31e6da1cad40680557e9301

SHA-256:
61c15d4819f518352c0ba5946d209f093329087246be8540483308fdb6d77ebe

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 9:40:03 PM UTC

File size:
236.2 KB (241,848 bytes)

File type:
Driver (Win64 SYS)

Common path:
C:\users\{user}\appdata\roaming\tzac\tizek64.sys

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
8/25/2011 2:55:20 PM

Valid to:
7/25/2012 4:05:18 PM

Subject:
CN=Tomislav Zubcic, C=HR

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121A766DBF7828D34AE4359F29127FBC4C0

File PE Metadata
Compilation timestamp:
8/31/2011 5:37:43 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
3072:bKFK/jYb26qp54tyUnEkilyvyydOAWkVLbcEEswtg7jZFAbVfWrt+ezf9sRVpt2t:uzdvVOtxC7lFoWhbCoo0

Entry address:
0x35484

Entry point:
E9, 7D, 3A, 00, 00, 50, F0, 1F, FD, FD, 86, E7, 92, 66, D6, B4, 3F, C2, 5B, F0, 79, 44, A5, BD, C3, C5, 4F, 0D, 26, 6B, 61, 9C, BF, 0E, 99, 12, 87, 17, CA, 36, 35, CA, 8A, 97, A0, 69, 1F, 5C, 9D, 7D, 72, A9, E5, C1, 08, 4E, 4B, 35, 24, 7C, D4, 55, 52, C2, 04, B9, EA, D2, 23, 15, 38, 93, D6, 17, 84, 35, E4, 3D, 9C, C1, 91, 4E, 3C, 03, 4B, 8E, 54, 46, 66, 10, A3, EC, 94, 1E, D6, A7, 44, 55, E6, DB, F9, E2, 87, C3, A8, 3D, 02, 20, 70, C8, EB, 6C, 1B, D9, 4D, E9, 02, FB, FF, FF, FF, D0, 66, 0F, BA, EB, 0F, D2...
 

Packer / compiler:
Xtreme-Protector v1.05

Code size:
5 KB (5,120 bytes)

Driver
Display name:
tizekdrv

Type:
Kernel device driver (KernelDriver)

