home

V3ElamDr.sys

AhnLab V3 Internet Security 9.0

Microsoft Corporation

Publisher:
AhnLab, Inc.  (signed by Microsoft Corporation)

Product:
AhnLab V3 Internet Security 9.0

Description:
V3 Early Launch Anti-Malware Driver

Version:
9.0.0.5

MD5:
5705bcd27c48211e7015e74d9ea00014

SHA-1:
012187d43850d236eb76afee6698b6335642cf72

SHA-256:
99a97165b73d75909de4981042370f31ff05ad3774206bcab178ea59c4f54483

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/25/2024 12:17:36 PM UTC  (today)

File size:
21.6 KB (22,088 bytes)

Product version:
9.0.0.1

Copyright:
Copyright (C) AhnLab, Inc. 1988-2012. All rights reserved.

Original file name:
V3ElamDr.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Program Files\ahnlab\v3is90\mupdate2\update\patch\d3\win\p\asd_f\nt32_av\v3elamdr.sys

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
9/25/2013 2:35:59 AM

Valid to:
12/25/2014 2:35:59 AM

Subject:
CN=Microsoft Windows Early Launch Anti-malware Publisher, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
33000000353AFBBA2861C70171000000000035

File PE Metadata
Compilation timestamp:
5/26/2014 9:22:31 PM

OS version:
6.2

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
11.0

CTPH (ssdeep):
384:B2k/Ugn/WIanekDnxDWLyRj6lFLqcneKg:B9/Ugn/WIaneuxKy1M1nng

Entry address:
0x24AE

Entry point:
8B, FF, 55, 8B, EC, E8, 4E, 2C, 00, 00, 5D, E9, 1C, FF, FF, FF, CC, CC, CC, CC, CC, CC, E8, 31, 00, 00, 00, C2, 08, 00, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, A1, 54, 48, 40, 00, 85, C0, 74, 0C, 3D, D2, 24, 40, 00, 74, 05, FF, 75, 08, FF, D0, E8, 09, 00, 00, 00, 5D, C2, 04, 00, CC, CC, CC, CC, CC, 8B, FF, 56, BE, 1C, 40, 40, 00, 56, E8, 6C, 00, 00, 00, FF, 35, 58, 48, 40, 00, 56, 68, 70, 4A, 40, 00, E8, 23, 01, 00, 00, 5E, C3, CC, CC, CC, CC, CC, 8B, FF, 57, B8, 50, 40, 40, 00, BF, 58, 40, 40, 00, 3B...
 
[+]

Entropy:
6.5820

Code size:
9 KB (9,216 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.