» venofw.sys
Overview
Analysis
File Details
Behaviors (1)

venofw.sys

Veno

Veno Technology (Beijing) Ltd.

It runs as a Windows kernel mode device driver named “Venofw service”.

File name:

venofw.sys

Publisher:

Veno Technology(Beijing) Ltd (signed by Veno Technology (Beijing) Ltd.)

Product:

Veno

Description:

VenoFW Driver

Version:

3.0.6.0 built by: WinDDK

MD5:

59550904bc7301abfed0634ba0380f02

SHA-1:

49e988195d170e39b14454211c241aa5ca3b20b8

SHA-256:

50f9b846f7b34c9fb5c2aa81e551194b99b3c1073abcf3a0aa1af3a38fdc8be8

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 4:52:44 AM UTC (today)

File size:

75.9 KB (77,760 bytes)

Product version:

3.0.6

Veno Technology(Beijing) Ltd

Original file name:

Vsk-Driver.sys

File type:

Driver (Win32 SYS)

Common path:

C:\Windows\System32\drivers\venofw.sys

Digital Signature

Signed by:

Veno Technology (Beijing) Ltd.

Authority:

VeriSign, Inc.

Valid from:

4/20/2011 8:00:00 AM

Valid to:

4/20/2014 7:59:59 AM

Subject:

CN=Veno Technology (Beijing) Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Veno Technology (Beijing) Ltd., L=Beijing, S=Beijing, C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

738996FC4950E72F23B73C301F5118D5

File PE Metadata

Compilation timestamp:

12/16/2010 5:12:50 PM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

1536:NvY7Tf9rCDqN48vZF6s8IcFST5uFPxYTWUMW8h/AKoV:m7TfhGZ8BF6BFbPqtMfhA

Entry address:

0xF52C

Entry point:

8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, CA, FD, FF, FF, 56, 00, 65, 00, 6E, 00, 6F, 00, 66, 00, 77, 00, 00, 00, CC, CC, 6C, F6, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 8C, F8, 00, 00, 50, DF, 00, 00, 9C, F5, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, DE, F8, 00, 00, 80, DE, 00, 00, AC, F5, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 80, FD, 00, 00, 90, DE, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, AE, F8, 00, 00, 9A, F8, 00, 00, C2, F8, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.6094

Code size:

57.3 KB (58,624 bytes)

Driver

Display name:

Venofw service

Service name:

Venofw

Type:

Kernel device driver (KernelDriver)

Scan venofw.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.