home

netmonitor64.sys

GamePP

Game Plus Plus Technology Co. Ltd.

It runs as a Windows 64-bit kernel mode device driver named “N2O_NET_MONITOR”.
Publisher:
成都游加佳科技有限公司  (signed by Game Plus Plus Technology Co. Ltd.)

Product:
GamePP

Description:
游戏加加-网络模块(仅供WIN7-64位系统使用)

Version:
0.2.15.604

MD5:
14eede60f96e531f9c46dcd2737f0203

SHA-1:
a869de4410e94ec701bf985d6d44c21b1dd51e95

SHA-256:
ad1855510aa1f2cb9b44f689b706792da0bbf9f3de31887bffa34cca3979cb55

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
8/7/2025 10:15:05 PM UTC  (today)

File size:
119.1 KB (122,000 bytes)

Product version:
0.2.15.604

Copyright:
Copyright (C) 2014-2015

File type:
Driver (Win64 SYS)

Common path:
C:\windows\syswow64\drivers\netmonitor64.sys

Digital Signature
Signed by:
Game Plus Plus Technology Co. Ltd.

Authority:
Thawte, Inc.

Valid from:
5/29/2015 8:00:00 AM

Valid to:
5/29/2016 7:59:59 AM

Subject:
CN=Game Plus Plus Technology Co. Ltd., O=Game Plus Plus Technology Co. Ltd., L=ChengDu, S=SiChuan, C=CN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
33D22A83614CCADF4A8CB90A9F0BB442

File PE Metadata
Compilation timestamp:
6/4/2015 1:55:05 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
3072:kFrRBqcG99xF57PlBigxKzTnbazN53LO0:kFVAcwlPxKzTbaJR3

Entry address:
0x289BE

Entry point:
E9, B3, FA, FF, FF, 0F, 84, 5A, 43, 00, 00, 48, 8D, 88, 9B, 6D, 3C, 5A, 0F, AD, D8, 48, F7, D9, C0, E9, 06, 48, 31, DB, 66, 0F, C9, 66, 0F, B3, D0, 48, 0F, BD, CF, 0F, B6, C2, 89, 5D, FC, 48, 8D, 0C, A5, 76, A1, 20, 81, F5, 89, D0, F8, 66, 81, E1, 52, BF, 80, FD, 6A, 66, F7, D9, C1, E8, 10, D3, F9, 8B, 4E, 04, E9, 19, 00, 00, 00, 0F, 83, 1E, 2B, FF, FF, F5, 3D, 7F, 00, 00, 00, E9, FB, E4, FF, FF, E9, 48, B9, FE, FF, 10, D2, C3, 84, C9, F8, 09, C9, 0F, 86, 5F, E4, FE, FF, 0F, 84, E8, 42, 00, 00, 48, D3, E7...
 
[+]

Entropy:
7.5493

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
8.5 KB (8,704 bytes)

Driver
Display name:
N2O_NET_MONITOR

Type:
Kernel device driver (KernelDriver)


Scan netmonitor64.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.