home

Vba32mNT.sys

Windows Win 7 DDK driver

VIRUSBLOKADA LTD.

It runs as a Windows kernel mode device driver named “Vba32mNT”.
Publisher:
Windows (R) Win 7 DDK provider  (signed by VIRUSBLOKADA LTD.)

Product:
Windows (R) Win 7 DDK driver

Description:
Vba32 Monitor driver

Version:
3.12

MD5:
ffbf047643db08c14a28d2b2bacec791

SHA-1:
499022d058b5bba1175deca25567207f5bb05cdf

SHA-256:
9df798577410873432b089c5e367e5600487aa9bdfb377da13e69c05fd0ecb4f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 3:40:19 AM UTC  (today)

File size:
83.3 KB (85,312 bytes)

Product version:
6.1.7600.16385

Copyright:
Copyright © VirusBlokAda Ltd. All rights reserved.1993-2008

Original file name:
Vba32mNT.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Program Files\vba32\vba32mnt.sys

Digital Signature
Signed by:
VIRUSBLOKADA LTD.

Authority:
VeriSign, Inc.

Valid from:
1/29/2010 2:00:00 AM

Valid to:
1/31/2012 1:59:59 AM

Subject:
CN=VIRUSBLOKADA LTD., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=VIRUSBLOKADA LTD., L=Minsk, S=none, C=BY

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2BEF4F72149367BCC7775D0000909C1D

File PE Metadata
Compilation timestamp:
10/11/2010 11:38:55 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
768:BJBD/N/Xk8xURUxJfwpwWIrQh5bio+cUB9RqNxbqc8WwuMefGujsvWs20oWL1bCH:DBBvUfprIrkinz9RqNl3BJ5X0TxCfDT

Entry address:
0x114BE

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, CE, 78, FF, FF, CC, CC, 20, 15, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 6C, 1E, 01, 00, 14, BB, 00, 00, 0C, 15, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, CE, 1E, 01, 00, 00, BB, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, A6, 1E, 01, 00, 90, 1E, 01, 00, 7A, 1E, 01, 00, BA, 1E, 01, 00, 00, 00, 00, 00, 06, 17, 01, 00, 20, 17, 01, 00, 42, 17, 01, 00, 5E, 17, 01, 00, 76, 17, 01, 00, 80, 17, 01, 00, 94, 17, 01, 00, AC, 17...
 
[+]

Code size:
48.3 KB (49,408 bytes)

Driver
Display name:
Vba32mNT

Type:
Kernel device driver (KernelDriver)


Scan Vba32mNT.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.