Information about PowerSaveZ_x64.sys

PowerSaveZ_x64.sys

File Details

Product Name:

鲁大师
Company Name:

ludashi.com
MD5: d22a80ede44eee614c1bea55ec65ada2
Size: 28 KB
First Published: 2017-05-21 06:07:00 (8 years ago)
Latest Published: 2024-09-08 23:01:10 (a year ago)
Status: Undefined (on last analysis)
Analysis Date: 2024-09-08 23:01:10 (a year ago)

Overview

Signed By: Qihoo 360 Software (Beijing) Company Limited
Status: Valid

Common Places:

%programfiles%\ludashi
%programfiles%\ldslite
%programfiles%
%programfiles%
%programfiles%
%programfiles%
%programfiles%\ludashi
%programfiles%\ludashi
%programfiles%
%programfiles%

Geography:

37.1%
31.7%
8.3%
4.2%
2.5%
1.7%
1.7%
1.7%
1.3%
1.3%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%

OS Version:

Windows 10 72.6%
Windows 7 21.2%
Windows 8.1 2.9%
Windows XP 1.7%
Windows Server 2008 R2 0.8%
Windows Embedded 8.1 0.4%
Windows 8 0.4%

Analysis

Subsystem: Native
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000000010000
Entry Address: 0x00006064

PE Sections:

Name Size of data MD5
.text 6144 f843fc9eb5f66b786f297c487a1dd878
.rdata 1024 a14127dff38e96f8241fdcf614b406e7
.data 512 043c46095689123e1f5be96c109c2f46
.pdata 512 41d59fb2758803594ebff75fd70d6c99
INIT 1024 2bacea5240ec24d26760c50ff8045aae
.rsrc 1536 853557883ea55b55a9190368a801a953

More information:

Search on Virustotal
copyright for information about PowerSaveZ_x64.sys