home

xsnort_i64.sys

TWIDS Filter Driver for IA64.

China University of Technology

Publisher:
China University of Technology.  (signed by China University of Technology)

Product:
TWIDS Filter Driver for IA64.

Version:
1.6.0.0 built by: WinDDK

MD5:
3fbcf6a2cd72dc9c274814597315fd50

SHA-1:
a271889de8a4a4c98dfb16393f0ab4d56a0f3d54

SHA-256:
82d0d6cdd984eff992ad76aeed54f73dbe6bf844b3c871e43faefea0bc7ef50a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 4:37:19 PM UTC  (today)

File size:
288.6 KB (295,504 bytes)

Product version:
1.6.0.0

Copyright:
Copyright (C) China University of Technology.

Original file name:
XSnort.sys

File type:
Driver (Win64 SYS)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\twids 2-release\xsetup\xsnort_i64.sys

Digital Signature
Signed by:
China University of Technology

Authority:
GlobalSign nv-sa

Valid from:
9/6/2011 3:01:54 PM

Valid to:
9/6/2012 3:01:54 PM

Subject:
CN=China University of Technology, OU=China University of Technology, O=China University of Technology, L=Taipei, S=Taiwan, C=TW

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121BA635B94B70D9A564E99D920C2A99E1C

File PE Metadata
Compilation timestamp:
7/31/2012 10:36:09 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
6144:J3x+F9V7p8a+XTcOjNnzRVSfZxxWwIP74XOXHbOkScnjSC/:r6OZxwIzbnScnjSm

Entry address:
0x42020

Entry point:
20, C7, 05, 00, 00, 00, 00, 00, 00, 80, 25, 00, 00, 00, 00, 00, 20, 71, 04, 00, 00, 00, 00, 00, 00, 80, 25, 00, 00, 00, 00, 00, C0, 70, 04, 00, 00, 00, 00, 00, 00, 80, 25, 00, 00, 00, 00, 00, 80, 96, 02, 00, 00, 00, 00, 00, 00, 80, 25, 00, 00, 00, 00, 00, C0, 8D, 02, 00, 00, 00, 00, 00, 00, 80, 25, 00, 00, 00, 00, 00, 00, 8D, 02, 00, 00, 00, 00, 00, 00, 80, 25, 00, 00, 00, 00, 00, E0, 8B, 02, 00, 00, 00, 00, 00, 00, 80, 25, 00, 00, 00, 00, 00, 40, 88, 02, 00, 00, 00, 00, 00, 00, 80, 25, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.7402

Code size:
254.5 KB (260,608 bytes)

Scan xsnort_i64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.