Information about isafekrnlboot.sys

isafekrnlboot.sys

File Details

Product Name:

YAC Security Protection
Company Name:

Elex do Brasil Participações Ltda
MD5: 142a78d40cd07251ecb4732177efa816
Size: 49 KB
First Published: 2017-05-21 05:04:31 (8 years ago)
Latest Published: 2023-07-26 23:51:26 (2 years ago)
Status: Undefined (on last analysis)
Analysis Date: 2023-07-26 23:51:26 (2 years ago)

Overview

Signed By: Elex do Brasil Participações Ltda
Status: Valid

Common Places:

%programfiles%\elex-tech\yac
%system%\drivers
%temp%\ist5332.tmp\sys\x86
%temp%\istcc09.tmp\sys\x86
%temp%\istca6f.tmp\sys\x86
%temp%\ist4161.tmp\sys\x86
%temp%\isteda.tmp\sys\x86
%temp%\ist955b.tmp\sys\x86
%temp%\ist131b.tmp\sys\x86
%sysdrive%\system volume information\_restore{f14a1c2c-a641-43f9-a293-b0cb265a4677}\rp1244

File Names:

iSafeKrnlBoot.sys
isafekrnlboot.sys
A0427994.sys
A0422264.sys
A0096045.sys
A0096128.sys

Geography:

Vietnam 39.6%
Taiwan 9.0%
Indonesia 8.0%
Turkey 7.4%
Brazil 7.1%
Hong Kong 5.0%
Poland 3.4%
South Korea 2.5%
Thailand 2.5%
Russia 1.9%
Saudi Arabia 1.5%
India 1.2%
Mexico 1.2%
Ukraine 1.2%
Morocco 0.9%
United Arab Emirates 0.9%
Macau 0.6%
Myanmar 0.6%
Spain 0.6%
Egypt 0.6%
Netherlands 0.6%
Panama 0.6%
Ecuador 0.3%
South Africa 0.3%
Greece 0.3%
Malaysia 0.3%
China 0.3%
Philippines 0.3%
Italy 0.3%
Romania 0.3%
Colombia 0.3%

OS Version:

Windows 7 77.2%
Windows XP 10.2%
Windows 10 7.1%
Windows 8 3.1%
Windows 8.1 1.9%
Windows Vista 0.6%

Analysis

Subsystem: Native
PE Type: pe
OS Bitness: 32
Image Base: 0x00010000
Entry Address: 0x00006ee7

PE Sections:

Name Size of data MD5
.text 1792 e9ea5923314f5e9105289a03e4f48143
.rdata 2560 f719cff371af8a5ff6fc2c0da70e53fb
.data 6784 98209b4d22f21cde218d496cef357b9d
PAGE 16000 f59a8aee3806c68ad6bb5f5325df6b98
INIT 1152 f24c451832fbf2ecd3910b82df3d7288
.rsrc 1024 908a16978161161ce9521bc4e9e83d39
.reloc 2432 a696d9afad7722cd369dcfb188be64fd

More information:

Search on Virustotal
copyright for information about isafekrnlboot.sys
­