tizeq32.sys

Tomislav Zubcic

It runs as a Windows kernel-mode device driver named “tizeqdrv”.
Publisher:
Tomislav Zubcic  (signed and verified)

MD5:
5f048c5b946d5b03627cfce23721e330

SHA-1:
52f1ed5270459e430ed63a723e430df09403a402

SHA-256:
7ebc718775f7a4f732b4c7286540e343de949c61fbc9357acc6fa8c9d9096527

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
9/26/2017 1:34:31 PM UTC

File size:
131.2 KB (134,328 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\users\{user}\appdata\roaming\tzac2\tizeq32.sys

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
8/25/2011 2:55:20 PM

Valid to:
7/25/2012 4:05:18 PM

Subject:
CN=Tomislav Zubcic, C=HR

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121A766DBF7828D34AE4359F29127FBC4C0

File PE Metadata
Compilation timestamp:
6/11/2012 1:37:46 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
3072:RfrLIaE/KlI0WqoR3oddK+3BX1JIjv9WAwgilNCNLIquKC:trNE/KldW/YdHFIrsAwginUDuKC

Entry address:
0x82175

Entry point:
E9, 0E, F4, FF, FF, 34, DF, 53, 88, 6C, 24, 04, FE, C0, 0F, BA, E5, 11, 34, 83, E8, E1, F9, FF, FF, 00, 00, 00, 00, 1E, 83, 03, 5C, 3A, 7A, 96, FB, 21, 01, 6B, 24, FD, BF, 55, BC, 5A, 84, CF, A6, B2, 9C, 2A, 24, 71, 65, 31, AB, 1A, 78, 9B, FD, 88, 70, 95, DB, AA, D7, 7B, A7, 6A, 9F, DD, F5, B6, DC, 05, 39, E5, 60, B5, 4B, BA, 54, 17, C0, D0, 38, E2, 8C, 88, 22, AD, 74, 6C, D6, 80, D2, B7, 69, 92, E1, 56, 35, DC, 37, A3, CB, AF, 2C, 98, 0B, 87, 87, 35, 88, 56, F0, 66, 6E, 7E, 14, FD, 15, FD, 13, 9E, 01, 53...

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
11.5 KB (11,776 bytes)

Driver
Display name:
tizeqdrv

Type:
Kernel device driver (KernelDriver)
