SHA256: a26db2eb9f3e2509b4eba949db97595cc32332d9321df68283bfc102e66d766f
SHA1: 161257b5356f782c30dc8165d9beb941bb4eeace
MD5: 5fb7fcea0490d821f26f39cc5ea3d1e2
File size: 81.5 KB ( 83456 bytes )
File name: serial.sys
File type: Win32 EXE
Detection ratio: 0 / 43
Analysis date: 2012-02-14 23:26:01 UTC ( 0 minutes ago )
Antivirus Result Update
AhnLab-V3 - 20120214
AntiVir - 20120214
Antiy-AVL - 20120213
Avast - 20120214
AVG - 20120214
BitDefender - 20120214
ByteHero - 20120211
CAT-QuickHeal - 20120214
ClamAV - 20120214
Commtouch - 20120214
Comodo - 20120214
DrWeb - 20120215
Emsisoft - 20120214
eSafe - 20120214
eTrust-Vet - 20120214
F-Prot - 20120214
F-Secure - 20120214
Fortinet - 20120214
GData - 20120214
Ikarus - 20120214
Jiangmin - 20120214
K7AntiVirus - 20120214
Kaspersky - 20120214
McAfee - 20120215
McAfee-GW-Edition - 20120214
Microsoft - 20120214
NOD32 - 20120215
Norman - 20120214
nProtect - 20120214
Panda - 20120214
PCTools - 20120207
Prevx - 20120215
Rising - 20120214
Sophos - 20120214
SUPERAntiSpyware - 20120206
Symantec - 20120214
TheHacker - 20120213
TrendMicro - 20120214
TrendMicro-HouseCall - 20120214
VBA32 - 20120214
VIPRE - 20120214
ViRobot - 20120214
VirusBuster - 20120214
ssdeep
1536:cNjOd1ZoNTqzrSuzHv//a+W0Y2450B45gwbEREXjt:0OduTUGGHv/K01+5toRAt
TrID
Win64 Executable Generic (87.2%)
Win32 Executable Generic (8.6%)
Generic Win/DOS Executable (2.0%)
DOS Executable Generic (2.0%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
ExifTool
UninitializedDataSize....: 0
InitializedDataSize......: 13824
ImageVersion.............: 6.1
ProductName..............: Microsoft Windows Operating System
FileVersionNumber........: 6.1.7600.16385
LanguageCode.............: English (U.S.)
FileFlagsMask............: 0x003f
FileDescription..........: Serial Device Driver
CharacterSet.............: Unicode
LinkerVersion............: 9.0
FileOS...................: Windows NT 32-bit
MIMEType.................: application/octet-stream
Subsystem................: Native
FileVersion..............: 6.1.7600.16385 (win7_rtm.090713-1255)
TimeStamp................: 2009:07:14 00:45:33+01:00
FileType.................: Win32 EXE
PEType...................: PE32
InternalName.............: serial.sys
ProductVersion...........: 6.1.7600.16385
SubsystemVersion.........: 6.1
OSVersion................: 6.1
OriginalFilename.........: serial.sys
LegalCopyright...........: Microsoft Corporation. All rights reserved.
MachineType..............: Intel 386 or later, and compatibles
CompanyName..............: Microsoft Corporation
CodeSize.................: 68608
FileSubtype..............: 7
ProductVersionNumber.....: 6.1.7600.16385
EntryPoint...............: 0x13441
ObjectFileType...........: Driver
Sigcheck
publisher................: Brother Industries Ltd.
product..................: Microsoft_ Windows_ Operating System
internal name............: brserid.sys
copyright................: Copyright (C) Brother Industries Ltd.1997-2006
original name............: brserid.sys.mui
file version.............: 1.0.1.6 (vbl_wcp_d2_drivers.060801-2007)
description..............: Brotehr Serial I/F Driver (WDM)
Portable Executable structural information
Compilation timedatestamp.....: 2009-07-13 23:45:33
Target machine................: 332
Entry point address...........: 0x00013441
PE Sections...................:
Name Virtual Address Virtual Size Raw Size Entropy MD5
.text 4096 17883 17920 6.40 a796441307d22f0ed8603062473bec6d
.rdata 24576 500 512 3.80 fe2569ee1b3845e92d92c7c8618f6280
.data 28672 312 512 1.79 27bb04f0f079113479e41125a0422ad3
PAGESRP0 32768 21090 21504 6.41 9cbf0d3d24234e364de3aa6274c4abee
PAGESER 57344 16480 16896 6.31 8548bdb4337f2b7d6c6018639161f5e3
INIT 77824 12206 12288 6.33 a1f7a4b0378bc8105b00d85ce27887c1
.rsrc 90112 9344 9728 3.29 059611fad5c4400c101fbfbc7dbf068b
.reloc 102400 2908 3072 6.56 bb4ddb6b7cc2a1a7ce232571eb52be47
PE Imports....................:
HAL.dll
WRITE_PORT_BUFFER_UCHAR, KfReleaseSpinLock, HalTranslateBusAddress, HalGetInterruptVector, KeGetCurrentIrql, ExAcquireFastMutex, ExReleaseFastMutex, WRITE_PORT_UCHAR, KdComPortInUse, READ_PORT_UCHAR, KfRaiseIrql, KfLowerIrql, KfAcquireSpinLock
WMILIB.SYS
WmiCompleteRequest, WmiSystemControl
ntoskrnl.exe
memmove, ExAllocatePoolWithTag, memset, PoSetPowerState, KeWaitForSingleObject, KeInitializeDpc, KeInitializeTimer, ExAllocatePoolWithQuotaTag, KeInsertQueueDpc, KeDelayExecutionThread, MmLockPagableSectionByHandle, MmQuerySystemSize, KeQuerySystemTime, KeSetEvent, KeSetTimer, IofCallDriver, PoCallDriver, IoWriteErrorLogEntry, IoAllocateErrorLogEntry, memcpy, KeCancelTimer, IoInvalidateDeviceState, KeInitializeEvent, IoCreateDevice, RtlAppendUnicodeStringToString, MmLockPagableDataSection, RtlInitUnicodeString, RtlAppendUnicodeToString, IoAttachDeviceToDeviceStack, IoQueryDeviceDescription, ZwClose, IoOpenDeviceRegistryKey, RtlDeleteRegistryValue, IoDeleteSymbolicLink, IoSetDeviceInterfaceState, IoRegisterDeviceInterface, RtlWriteRegistryValue, IoCreateSymbolicLink, IoConnectInterrupt, RtlQueryRegistryValues, ZwQueryValueKey, ZwSetValueKey, ZwEnumerateKey, IoReportDetectedDevice, ZwOpenKey, PoStartNextPowerIrp, PoRequestPowerIrp, KeClearEvent, KeTickCount, KeBugCheckEx, RtlUnwind, MmUnlockPagableImageSection, IoCancelIrp, IoDetachDevice, IoDeleteDevice, IoGetConfigurationInformation, IoWMIRegistrationControl, IoDisconnectInterrupt, ExFreePoolWithTag, KeRemoveQueueDpc, MmUnmapIoSpace, MmMapIoSpace, _allmul, IoAcquireCancelSpinLock, KeSynchronizeExecution, IoReleaseCancelSpinLock, RtlIntegerToUnicodeString, IofCompleteRequest
Symantec Reputation
Suspicious.Insight
First seen by VirusTotal
2009-12-27 22:29:10 UTC ( 2 years, 1 month ago )
Last seen by VirusTotal
2012-02-14 23:26:01 UTC ( 0 minutes ago )
File names (max. 25)
serial.sys
B7F89E030049F5EB463C01B7ABFA70003FC602AD.sys
161257b5356f782c30dc8165d9beb941bb4eeace
C:\Windows\System32\drivers\serial.sys
D:\sav\BestiaMadre\queues\webroot\tmp_zip2\DPYRKEXDHI-997.pms.sys.SVD
DPYRIRLYBT-327.pms.sys.SVD
DPYRKEXDHI-123.pms.sys.SVD
file-2645895_sys
file-3006476_sys
smona131254314201585407688
smona131254314212584649341
smona131300133384370491278