home

xsnort_a64.sys

TWIDS Filter Driver for AMD64.

China University of Technology

Publisher:
China University of Technology.  (signed by China University of Technology)

Product:
TWIDS Filter Driver for AMD64.

Version:
1.6.0.0 built by: WinDDK

MD5:
2d5fbde86b2c772edfd291cd11aac572

SHA-1:
224233cee1d7afd6a4e38baacba3dbefad536c5b

SHA-256:
b72e15ee2f0f876927c712cd8f5665c57140956fa8f15df2b04e16754bedfe88

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 5:23:39 AM UTC  (today)

File size:
121.1 KB (123,984 bytes)

Product version:
1.6.0.0

Copyright:
Copyright (C) China University of Technology.

Original file name:
XSnort.sys

File type:
Driver (Win64 SYS)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\twids 2-release\xsetup\xsnort_a64.sys

Digital Signature
Signed by:
China University of Technology

Authority:
GlobalSign nv-sa

Valid from:
9/6/2011 3:01:54 PM

Valid to:
9/6/2012 3:01:54 PM

Subject:
CN=China University of Technology, OU=China University of Technology, O=China University of Technology, L=Taipei, S=Taiwan, C=TW

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121BA635B94B70D9A564E99D920C2A99E1C

File PE Metadata
Compilation timestamp:
7/31/2012 10:35:52 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
1536:xRiOhkGhqoJ3x9LLKswxq2MckD4XyXGZoYuTxbGJQ0qTYcQ+XJVQtPii:fxhx17F7H4kD4XyXGZVPJQ0NcQ+ZVGt

Entry address:
0x1F3DC

Entry point:
48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 0E, FC, FF, FF, CC, CC, CC, CC, CC, CC, 58, 00, 53, 00, 6E, 00, 6F, 00, 72, 00, 74, 00, 00, 00, CC, CC, C8, F5, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, D0, F7, 01, 00, 78, 91, 01, 00, 50, F4, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 5C, FC, 01, 00, 00, 90, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, C4, F8, 01, 00, 00, 00, 00, 00, 44, FC, 01, 00...
 
[+]

Entropy:
6.5073

Code size:
96.5 KB (98,816 bytes)

Scan xsnort_a64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.