vrptcomn.sys

Virobot Common Self Protection driver

Hauri, Inc

It runs as a Windows kernel-mode device driver named “vrptcomn”.
Publisher:
Hauri, Inc  (signed and verified)

Product:
Virobot Common Self Protection driver

Version:
2011, 5, 25, 1

MD5:
aa341f0e8ec4d51e586b78d7ef0c8a79

SHA-1:
6610a4269d22094f056937c7f6e3b81b39e83612

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 3:47:40 PM UTC

File size:
90.7 KB (92,912 bytes)

Product version:
2011, 5, 25, 1

Copyright:
Copyright (C) Hauri, Inc. 1998-2010. All Rights Reserved.

Original file name:
vrptcomn.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\vrptcomn.sys

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
5/30/2010 7:00:00 PM

Valid to:
6/30/2011 6:59:59 PM

Subject:
CN="Hauri, Inc", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Hauri, Inc", L=Jongno-gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
22292528278A4CEBA59C8C55E67392B7

File PE Metadata
Compilation timestamp:
5/24/2011 7:47:19 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
384:hoTRJPI3g+RJ309N5vdVNlP3y7DIln4H5xFYJLIUbCl1M6j9cA:hiIt2HFdVuQlno5OL9bC3Mm9D

Entry address:
0x14285

Entry point:
8B, FF, 55, 8B, EC, A1, 80, 4A, 01, 00, 85, C0, B9, 4E, E6, 40, BB, 74, 04, 3B, C1, 75, 1A, A1, 3C, 49, 01, 00, 8B, 00, 35, 80, 4A, 01, 00, A3, 80, 4A, 01, 00, 75, 07, 8B, C1, A3, 80, 4A, 01, 00, F7, D0, A3, 84, 4A, 01, 00, 5D, E9, 15, C5, FE, FF, CC, EC, 42, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 5C, 47, 01, 00, 80, 48, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B8, 43, 01, 00, C6, 43, 01, 00, DE, 43, 01, 00, E8, 43, 01, 00, FA, 43, 01, 00, 08, 44, 01, 00, 22...

Code size:
18.3 KB (18,688 bytes)

Driver
Display name:
vrptcomn

Type:
Kernel device driver (KernelDriver)

