home

zntport.sys

NTPort Library

LI Hai

It runs as a Windows 64-bit kernel mode device driver named “NTPort Library Driver”.
Publisher:
Zeal SoftStudio  (signed by LI Hai)

Product:
NTPort Library

Description:
NTPort Library kernel driver

Version:
2, 8, 3, 1

MD5:
518b04e0ebeab273135b4408b8ed97e6

SHA-1:
a8baef21d6f19c35f0f68ce663f1bdce418028bc

SHA-256:
9a7c779fa9487bd89816f3600a1b1efaa8c3438d15b311084cf99f0fcc49503e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 5:13:28 AM UTC  (today)

File size:
12.1 KB (12,344 bytes)

Product version:
2, 8, 3, 1

Copyright:
Copyright (c)1997-2007 Hai Li, Zeal SoftStudio.

Original file name:
zntport.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\zntport.sys

Digital Signature
Signed by:
LI Hai

Authority:
GlobalSign nv-sa

Valid from:
3/7/2007 11:20:52 AM

Valid to:
3/7/2008 11:20:52 AM

Subject:
E=zealsoft@gmail.com, CN=LI Hai, C=CN

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
010000000001112BB3725A

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
192:c9pL8PGkFZpOBl7VYW2oWp1wAoxhSF6OOoe068jSJUbueqH2P4PxTK1j:IL8OsXOBl7VWUf2OJ06dUb+C

Entry point:
55, 8B, EC, 83, EC, 5C, 56, 57, 6A, 08, 59, 6A, 0A, BE, 1C, 08, 01, 00, 8D, 7D, CC, F3, A5, 59, BE, 3C, 08, 01, 00, 8D, 7D, A4, 68, 00, 20, 00, 00, F3, A5, FF, 15, 3C, 03, 01, 00, 33, FF, 3B, C7, A3, 80, 09, 01, 00, 75, 07, B8, 9A, 00, 00, C0, EB, 63, E8, 58, FB, FF, FF, 8B, 35, 2C, 03, 01, 00, 8D, 45, CC, 50, 8D, 45, F4, 50, FF, D6, 8D, 45, A4, 50, 8D, 45, EC, 50, FF, D6, 8B, 75, 08, 8D, 45, FC, 50, 57, 57, 68, 00, F1, 00, 00, 8D, 45, F4, 50, 57, 56, FF, 15, 38, 03, 01, 00, 3B, C7, 7C, 26, 8D, 45, F4, 50...
 
[+]

Entropy:
6.7643

Developed / compiled with:
Microsoft Visual C++

Driver
Display name:
NTPort Library Driver

Service name:
zntport

Type:
Kernel device driver (KernelDriver)


Scan zntport.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.