home

win32dd.sys

Suiche Matthieu Bapthiste

It runs as a Windows 64-bit kernel mode device driver named “win32dd”.
Publisher:
Suiche Matthieu Bapthiste  (signed and verified)

MD5:
df8facb0ee756ec2950ed11df05d9518

SHA-1:
7030d1a09120a68c0696fff4d5977efafa9dc210

SHA-256:
935f5b9d6570d62960623ded1637ed09fa39ccac1220f7a8e947b300f6914d1e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 11:03:53 AM UTC  (today)

File size:
52.5 KB (53,736 bytes)

File type:
Driver (Win64 SYS)

Digital Signature
Signed by:
Suiche Matthieu Bapthiste

Authority:
GlobalSign nv-sa

Valid from:
4/7/2010 4:05:15 PM

Valid to:
4/8/2011 4:05:09 PM

Subject:
E=support@moonsols.com, CN=Suiche Matthieu Bapthiste, OU=MoonSols, O=Suiche Matthieu Bapthiste, L=NAUROY, S=Picardie, C=FR

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
01000000000127D8E87F79

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
768:KPbyXKDARyhNzGkYxTYXFe8GeTXkckgTTZmFQqnC5bDC+iiy1M:KPbyXypzGkYxTGA9eb7TqiC+iiy1M

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, B0, 64, FF, FF, CC, CC, 78, A5, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 5C, AA, 00, 00, 00, 86, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, A8, A6, 00, 00, C2, A6, 00, 00, D0, A6, 00, 00, DA, A6, 00, 00, F2, A6, 00, 00, 0A, A7, 00, 00, 1E, A7, 00, 00, 2A, A7, 00, 00, 34, A7, 00, 00, 46, A7, 00, 00, 5E, A7, 00, 00, 76, A7, 00, 00, 86, A7, 00, 00, 9C, A7, 00, 00, B0, A7, 00, 00, C8, A7, 00, 00, E0, A7, 00, 00, F0, A7...
 
[+]

Entropy:
6.8674

Driver
Display name:
win32dd

Type:
Kernel device driver (KernelDriver)


Scan win32dd.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.