home

trufosalt.sys

BitDefender Antivirus

BitDefender Test Certificate

Publisher:
BitDefender S.R.L.  (signed by BitDefender Test Certificate)

Product:
BitDefender Antivirus

Description:
Trufos Kernel Module

Version:
2.3.446.12457 Free Build built by: WinDDK

MD5:
c380e830a4bd08440e6757213f126db7

SHA-1:
3fffe985356e7776cb5d0b45bb2a3ff3f06fcf70

SHA-256:
639f15c29d7d7fb114826402c81c49076d2d286c74dad1c7f0ad75f9fb22e02b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 1:28:41 AM UTC  (today)

File size:
327.6 KB (335,504 bytes)

Product version:
14.0.0.0

Copyright:
(c) 2010 BitDefender S.R.L.

Original file name:
TRUFOS.SYS

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\trufosalt.sys

Digital Signature
Signed by:
BitDefender Test Certificate

Authority:
BitDefender Test Certificate

Valid from:
7/3/2006 9:22:31 AM

Valid to:
1/1/2040 12:59:59 AM

Subject:
CN=BitDefender Test Certificate

Issuer:
CN=BitDefender Test Certificate

Serial number:
7FC26313C76955974374AE1D04108BD5

File PE Metadata
Compilation timestamp:
10/19/2011 11:15:40 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
6144:/MAxNLXyetBUvP6CHYUn6OmduBwGrrPY4:kqNZjASCUOmduBwGQ4

Entry address:
0x5503E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, C2, BF, FA, FF, CC, CC, 40, 51, 05, 00, 00, 00, 00, 00, 00, 00, 00, 00, 30, 5D, 05, 00, A0, 90, 04, 00, 28, 51, 05, 00, 00, 00, 00, 00, 00, 00, 00, 00, 6E, 5D, 05, 00, 88, 90, 04, 00, A0, 50, 05, 00, 00, 00, 00, 00, 00, 00, 00, 00, A6, 5F, 05, 00, 00, 90, 04, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E6, 62, 05, 00, AC, 62, 05, 00, 9A, 62, 05, 00, 84, 62, 05, 00, 68, 62, 05, 00, 4C, 62, 05, 00, 38, 62, 05, 00, 88, 5F...
 
[+]

Code size:
292 KB (299,008 bytes)

Scan trufosalt.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.