home

trojandriver.sys

中国民生银行股份有限公司

Publisher:
AntiTrojan  (signed by 中国民生银行股份有限公司)

Product:
AntiTrojan

Version:
1.0.1.0 built by: WinDDK

MD5:
fcd6643962c77d8b029779b05241fdb6

SHA-1:
42235c3657f54aacbd10da31979017b6065cab1d

SHA-256:
0226bd0b9404763c94e6758fe8e5773bc00a9a6f29b27a061773ec0061bef58e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/20/2024 10:56:34 PM UTC  (today)

File size:
365.8 KB (374,544 bytes)

Product version:
1.0.1.0

Copyright:
(C) 2008-2010 AntiTrojan. All Rights Reserved.

Original file name:
AntiTrojan.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\cmbc\ebankingassistant\antitrojan\trojandriver.sys

Digital Signature
Signed by:
中国民生银行股份有限公司

Authority:
GlobalSign nv-sa

Valid from:
11/8/2012 6:08:15 PM

Valid to:
11/9/2015 12:56:46 AM

Subject:
CN=中国民生银行股份有限公司, O=中国民生银行股份有限公司, L=北京, S=北京, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121AB250CDB603264571A9CBCCAA9745E5D

File PE Metadata
Compilation timestamp:
7/4/2011 6:17:33 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
6144:0a5vSqDugcfhl6aGMs3qoF4VsjGu3gc8nzWY15hGIUBv3AYUvihH:cQWDQk5u3sWY15hGCYUs

Entry address:
0x5D03E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, DC, F0, FE, FF, CC, CC, 98, D0, 05, 00, 00, 00, 00, 00, 00, 00, 00, 00, C6, D5, 05, 00, 0C, 00, 05, 00, 8C, D0, 05, 00, 00, 00, 00, 00, 00, 00, 00, 00, FA, D5, 05, 00, 00, 00, 05, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E2, D5, 05, 00, D4, D5, 05, 00, 00, 00, 00, 00, DC, D1, 05, 00, EC, D1, 05, 00, 02, D2, 05, 00, 18, D2, 05, 00, 2E, D2, 05, 00, 48, D2, 05, 00, 60, D2, 05, 00, 74, D2, 05, 00, 8C, D2, 05, 00, AA, D2...
 
[+]

Entropy:
6.6775

Code size:
315 KB (322,560 bytes)

Scan trojandriver.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.