home

xxlhasp.sys

NGO

It runs as a Windows 64-bit kernel mode device driver named “XXLHASP”.
Publisher:
NGO  (signed and verified)

MD5:
0c6ff042425495384e1153b9c190db4a

SHA-1:
6bebb43392e48ce3c3c7e08c6fa1866038c105ef

SHA-256:
4869eb4f9540b7982ca1a20fef6a79779a76d4e10d3062122e4f220d3ec6d718

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 11:37:27 PM UTC  (a few moments ago)

File size:
282 KB (288,768 bytes)

File type:
Driver (Win64 SYS)

Common path:
C:\Windows\System32\drivers\xxlhasp.sys

Digital Signature
Signed by:
NGO

Authority:
NGO

Valid from:
8/4/2009 8:55:45 AM

Valid to:
12/31/2039 5:59:59 PM

Subject:
CN=NGO

Issuer:
CN=NGO

Serial number:
CB213AC9B9E9FE9B4366E084CAE30A53

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
6144:HnjhGTMgExxD3yVJeenLWscmaFaFFLn+RZi4YbPoQQnnbQunqHHR+z7KS+SaZxD:HnjhcMg4D3yVgenLomaWFrQZi3bWbcRl

Entry point:
48, 53, 48, 83, EC, 30, 48, 8B, D9, 48, 8D, 0D, 64, B4, 00, 00, 33, D2, FF, 15, 5C, 91, 00, 00, 48, 8D, 0D, F5, B3, 00, 00, 33, D2, FF, 15, 4D, 91, 00, 00, 48, 8D, 0D, E6, B3, 00, 00, 45, 33, C9, 45, 33, C0, 33, D2, 48, C7, 44, 24, 20, 00, 00, 00, 00, FF, 15, 07, 91, 00, 00, 85, C0, 75, DE, 48, 8B, CB, E8, 47, FB, FF, FF, 48, 8D, 0D, BC, B3, 00, 00, 33, D2, 8B, D8, FF, 15, E2, 90, 00, 00, 8B, C3, 48, 83, C4, 30, 5B, C3, CC, CC, 48, 53, 48, 81, EC, A0, 00, 00, 00, 4C, 0F, 20, C0, 33, DB, 3A, C3, 74, 13, 48...
 
[+]

Entropy:
7.7237  (probably packed)

Driver
Display name:
XXLHASP

Type:
Kernel device driver (KernelDriver)

Depends on:
Hardlock


Scan xxlhasp.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.