home

xxlhasp.sys

NGO

It runs as a Windows kernel mode device driver named “XXLHASP”.
Publisher:
NGO  (signed and verified)

MD5:
986b69a8118386a284042dcea9953a9d

SHA-1:
3c00c8b912d1339ad8e4d748f05356aba4780b3e

SHA-256:
350899f7a3510651d6eccb85517b8d3b332219bdcec4ef99eed17dd84ae350a6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 1:40:41 PM UTC  (today)

File size:
847 KB (867,328 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\xxlhasp.sys

Digital Signature
Signed by:
NGO

Authority:
NGO

Valid from:
8/4/2009 3:55:45 PM

Valid to:
1/1/2040 12:59:59 AM

Subject:
CN=NGO

Issuer:
CN=NGO

Serial number:
CB213AC9B9E9FE9B4366E084CAE30A53

File PE Metadata
Compilation timestamp:
1/7/2010 4:23:44 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
24576:RHl79bdNstw4JD6VA99g/MwtvUMB1dnZOBfXYPI9G:RHZOuHVAw//UQDoB2

Entry address:
0xCDD90

Entry point:
68, 44, 35, 94, 28, E8, AA, 2B, 00, 00, 00, 00, 45, 78, 46, 72, 65, 65, 50, 6F, 6F, 6C, 00, E9, 6F, F7, FF, FF, 9C, 8D, 64, 24, 30, 0F, 85, FA, F6, FF, FF, 0F, BD, F3, 84, F8, 66, 01, F6, 89, F9, 66, 81, CE, A9, E0, 29, D9, 66, 0F, BE, F1, 9C, 66, FF, CE, 0F, BD, F7, 8D, 74, 24, 04, 8D, 64, 24, 04, F6, C3, 85, 83, EF, 04, F5, 0F, BA, E2, 0E, FF, 37, 9C, C6, 04, 24, 2A, 39, DF, E9, 08, E3, FF, FF, F3, CB, DF, 60, C7, 42, 25, 5F, 74, 4C, 2E, 42, 6E, 10, 3F, 8D, 1F, A7, 98, 9D, 54, EA, EE, 31, 5D, 38, 4E, 13...
 
[+]

Code size:
843 KB (863,232 bytes)

Driver
Display name:
XXLHASP

Type:
Kernel device driver (KernelDriver)

Depends on:
Hardlock


Scan xxlhasp.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.