home

uxddrv64.sys

ULTRA-X, INC.

It runs as a Windows 64-bit kernel mode device driver named “Dynamically loaded UxdDrv”.
Publisher:
ULTRA-X, INC.  (signed and verified)

MD5:
877cc040d59a4235b9c9a364b2546c1a

SHA-1:
13298ae2ea37337dd4db12079af2bb16776d862e

SHA-256:
ba4ca1bda848385a80eb44ab719a21dc76cc72259192cc626e190e335f9d115d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 9:35:39 PM UTC  (today)

File size:
7.1 KB (7,256 bytes)

File type:
Driver (Win64 SYS)

Digital Signature
Signed by:
ULTRA-X, INC.

Authority:
VeriSign, Inc.

Valid from:
6/16/2008 9:00:00 AM

Valid to:
6/17/2010 8:59:59 AM

Subject:
CN="ULTRA-X, INC.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="ULTRA-X, INC.", L=SANTA CLARA, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
29D06DF4958D359581A8F7454FE5BF15

File PE Metadata
Compilation timestamp:
4/3/2007 12:13:33 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
192:BDU1ojXBpDMjGwP7vM+pNT+ebMv0ZgjllMF:BKUxL4nFb606jA

Entry address:
0x2E0

Entry point:
48, 83, EC, 38, 48, 89, 4C, 24, 40, 48, B9, A8, 08, 01, 00, 00, 00, 00, 00, 48, BA, 60, 08, 01, 00, 00, 00, 00, 00, E8, 82, 04, 00, 00, 48, B9, B8, 08, 01, 00, 00, 00, 00, 00, 48, BA, 7E, 08, 01, 00, 00, 00, 00, 00, E8, 69, 04, 00, 00, 48, 8B, 4C, 24, 40, 48, B8, A7, 03, 01, 00, 00, 00, 00, 00, 48, 89, 41, 68, 48, B8, E4, 06, 01, 00, 00, 00, 00, 00, 48, 89, 41, 70, 48, 89, 81, 80, 00, 00, 00, 48, 89, 81, E0, 00, 00, 00, 48, BA, C8, 08, 01, 00, 00, 00, 00, 00, 48, 89, 54, 24, 30, 48, C7, 44, 24, 28, 00, 00...
 
[+]

Entropy:
6.7205

Code size:
1.7 KB (1,728 bytes)

Driver
Display name:
Dynamically loaded UxdDrv

Service name:
uxddrv

Type:
Kernel device driver (KernelDriver)


Scan uxddrv64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.