home

ndisvirtualbus.sys

Операционная система Microsoft Windows

Microsoft Corporation

Publisher:
Microsoft Corporation

Product:
Операционная система Microsoft® Windows®

Description:
Перечислитель виртуальных сетевых адаптеров (Майкрософт)

 
Part of the Windows Operating System

Version:
10.0.14393.0 (rs1_release.160715-1616)

MD5:
7340104c2bf2f126714f7cde85e63610

SHA-1:
154b76642c6e2f3225aa95a598d54fd91f10b8de

SHA-256:
45b64ec6f3a4c43f7d74806789067658c6ef0d44d36b841f4d26e1ebc95af66c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
5/9/2025 2:59:58 PM UTC  (today)

File size:
20 KB (20,480 bytes)

Product version:
10.0.14393.0

Copyright:
© Корпорация Майкрософт (Microsoft Corporation). Все права защищены.

Original file name:
NdisVirtualBus.sys.mui

File type:
Driver (Win64 SYS)

Common path:
C:\Windows\System32\drivers\ndisvirtualbus.sys

File PE Metadata
Compilation timestamp:
7/16/2016 5:26:32 AM

OS version:
10.0

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
14.0

CTPH (ssdeep):
384:MDJMiseC7Kq0kkwvaB5YXop+Chrl5DgMzPW7RBW7:fatfPPp+URxZ2

Entry address:
0x1060

Entry point:
48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8B, DA, 48, 8B, F9, E8, BB, 80, 00, 00, 48, 8B, D3, 48, 8B, CF, 48, 8B, 5C, 24, 30, 48, 83, C4, 20, 5F, E9, 06, 00, 00, 00, CC, CC, CC, CC, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 6C, 24, 10, 48, 89, 74, 24, 18, 57, 48, 83, EC, 20, 33, ED, 48, 8B, F2, 48, 8B, F9, 48, 85, C9, 75, 0A, E8, 4A, 7F, 00, 00, E9, E7, 00, 00, 00, 48, 89, 0D, 4E, 30, 00, 00, 48, 8D, 05, 57, 30, 00, 00, 48, 8D, 0D, 18, 30, 00, 00, 48, 89, 05, 19, 30, 00, 00, C7, 05, 07, 30, 00, 00, 00, 00, 08...
 
[+]

Code size:
11 KB (11,264 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.