Information about PowerSaveZ.sys

PowerSaveZ.sys

File Details

Product Name:

鲁大师
Company Name:

360.cn
MD5: feefc60b3a432cb36492cd7bfa6d48ce
Size: 16 KB
First Published: 2017-05-21 06:06:59 (6 years ago)
Latest Published: 2020-12-29 08:22:35 (3 years ago)
Status: Undefined (on last analysis)
Analysis Date: 2020-12-29 08:22:35 (3 years ago)

Overview

Signed By: QIHU 360 SOFTWARE CO. LIMITED
Status: Valid

Common Places:

%programfiles%\ludashi
%programfiles%\ldslite
%programfiles%
%programfiles%
%programfiles%
%programfiles%
%programfiles%\ludashi
%programfiles%\ludashi
%programfiles%
%programfiles%

Geography:

36.5%
32.0%
8.3%
4.1%
2.9%
1.7%
1.7%
1.2%
1.2%
1.2%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%

OS Version:

Windows 10 72.7%
Windows 7 21.1%
Windows 8.1 2.9%
Windows XP 1.7%
Windows Server 2008 R2 0.8%
Windows Embedded 8.1 0.4%
Windows 8 0.4%

Analysis

Subsystem: Native
PE Type: pe
OS Bitness: 32
Image Base: 0x00010000
Entry Address: 0x0000403e

PE Sections:

Name Size of data MD5
.text 4096 00152cc93a5da3c07977c68b7dbfca8b
.rdata 512 7a97952a461834c4afbe627de94cea2e
.data 512 0b2e7741e0c0fc65af1542e370d89f53
INIT 1024 25960708b8241a288ee1ca6d9904d8a9
.rsrc 1536 3a234efc428811314dd85178f6af2bff
.reloc 512 c34e3e9ef699b47b280c8614ab8789c3

More information:

Search on Virustotal
copyright for information about PowerSaveZ.sys