» tizeq64.sys
Overview
Analysis
File Details
Behaviors (1)

tizeq64.sys

Tomislav Zubcic

It runs as a Windows 64-bit kernel mode device driver named “tizeqdrv”.

File name:

tizeq64.sys

Publisher:

Tomislav Zubcic (signed and verified)

MD5:

5c049741e220dc6fe3d7469528b787ea

SHA-1:

81eece737c64960b1187f209bff62c851eeb7215

SHA-256:

0ebf5c0e1fc5613cad9c0f663e10110d2b44673cc04ef3368ce8b1fdd8bed212

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

5/3/2025 6:38:40 PM UTC (today)

Scan engine

Detection

Engine version

Comodo Security

UnclassifiedMalware

17073

McAfee

Generic Obfuscated.c

5600.7246

File size:

167.7 KB (171,704 bytes)

File type:

Driver (Win64 SYS)

Common path:

C:\users\{user}\appdata\roaming\tzac2\tizeq64.sys

Digital Signature

Signed by:

Tomislav Zubcic

Authority:

GlobalSign nv-sa

Valid from:

8/25/2011 2:55:20 PM

Valid to:

7/25/2012 4:05:18 PM

Subject:

CN=Tomislav Zubcic, C=HR

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121A766DBF7828D34AE4359F29127FBC4C0

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

3072:5yRkd7sx7PFjXiz6ownT+RLmNm/xEbf+SIY+kpK+K0Fn8n+zjy6NaAqC:kRkd7e9TizbwiFxqnZ+9+K0Fn8nGuSak

Entry point:

E9, 8C, 3E, 00, 00, 0F, 83, 00, 30, 00, 00, 0F, 84, BF, 0B, 00, 00, F5, F5, 2C, 30, 66, 0F, A3, E9, 0F, 8E, DD, FC, FF, FF, F9, 66, 0F, BA, E3, 0B, 3C, 09, E9, BF, F3, FF, FF, 50, E9, F6, 2A, 00, 00, 48, 89, EC, 66, 0F, B6, E8, 5D, C3, E9, 71, DC, FF, FF, 68, AD, EF, DD, FF, E9, BE, 31, 00, 00, 24, C1, 48, 29, FB, F6, C3, E2, 38, EF, 48, 01, E3, 66, F7, D7, 66, 0F, AB, EF, 66, C1, D7, 02, 48, 89, DF, 14, C7, F6, D8, 1C, 4C, 28, D8, B0, 2E, F5, 84, F3, F8, 85, DE, F2, AE, E9, F1, 11, 00, 00, E9, 59, 02, 00... 
[+]

Packer / compiler:

Xtreme-Protector v1.05

Driver

Display name:

tizeqdrv

Type:

Kernel device driver (KernelDriver)

Scan tizeq64.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.