home

unhooker.sys

X-Wire Technology

It runs as a Windows 64-bit file system device driver named “UnHooker”.
Publisher:
X-Wire Technology  (signed and verified)

MD5:
dd2d86f8bb920da702dded03a1968f03

SHA-1:
8f7715497a5d262e221a90176bc0f038e09cd627

SHA-256:
deecd7718fc89aa994414b97d76b005e1cf16aed5443b9ee2af5060aa1496492

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 5:37:15 PM UTC  (today)

File size:
24.8 KB (25,400 bytes)

File type:
Driver (Win64 SYS)

Common path:
C:\Windows\System32\drivers\unhooker.sys

Digital Signature
Signed by:
X-Wire Technology

Authority:
VeriSign, Inc.

Valid from:
5/7/2009 9:00:00 PM

Valid to:
5/8/2010 8:59:59 PM

Subject:
CN=X-Wire Technology, OU=Software, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=X-Wire Technology, L=Chapel Hill, S=NorthCarolina, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3556C542921B5069D822646567D04440

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
192:cZtMzZudnlxHiG9bVb9C0Yxa3MGRIem9S+ehf33pT1X0ISPpo6n7J7CyowJL/aM/:jCHd9bBgrLebafPpd7kYJLWBneXbH

Entry point:
8B, FF, 55, 8B, EC, A1, 00, 60, 01, 00, 85, C0, B9, 4E, E6, 40, BB, 74, 04, 3B, C1, 75, 1A, A1, E4, 50, 01, 00, 8B, 00, 35, 00, 60, 01, 00, A3, 00, 60, 01, 00, 75, 07, 8B, C1, A3, 00, 60, 01, 00, F7, D0, A3, 04, 60, 01, 00, 5D, E9, 3B, C4, FF, FF, CC, 90, 70, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 4E, 76, 00, 00, 10, 50, 00, 00, 80, 70, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, A4, 76, 00, 00, 00, 50, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 7C, 76, 00, 00, 68...
 
[+]

Driver
Display name:
UnHooker

Description:
Tizer File System Driver

Type:
File system 'filter' driver (FileSystemDriver)

Group:
File System


Scan unhooker.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.