Information about isafekrnlboot.sys

» File
File Details
Overview
Analysis

isafekrnlboot.sys

File Details

Main Info:

Product Name:	YAC Security Protection
Company Name:	Elex do Brasil Participações Ltda
MD5:	fab2eba07369bf3c6db33469b5b36fcb
Size:	53 KB
First Published:	2017-05-21 03:01:55 (7 years ago)
Latest Published:	2020-11-16 22:43:44 (4 years ago)

Analysis:

Status:	Undefined (on last analysis)
Analysis Date:	2020-11-16 22:43:44 (4 years ago)

Overview

Digital Signature

Signed By:	Elex do Brasil Participações Ltda
Status:	Valid

Common Places:

%system%\drivers

%programfiles%\elex-tech\yac

%temp%\ist5332.tmp\sys\x64

%temp%\istcc09.tmp\sys\x64

%temp%\istca6f.tmp\sys\x64

%temp%\ist4161.tmp\sys\x64

%sysdrive%\adwcleaner\quarantine\files\hnejfgjgzqgwsaagtcjzctwkxkwixhhr\yac

%sysdrive%\adwcleaner\quarantine\files\ttrzbiwbftrphsyswotxgiymvycbwfok\yac

%temp%\isteda.tmp\sys\x64

%temp%\istd3bf.tmp\sys\x64

File Names:

iSafeKrnlBoot.sys

isafekrnlboot.sys

0A031C952FEEDD56C28A70F95D9A623595933E3F.sys

iSafeKrnlBoot.sys.18.53.09.66.vz

$REQ3CHM.sys

iSafeKrnlBoot.sys.quarantined

dshbkowdcomwqjrcymbokkvlhqturehw.back

akpyvzxujcyeplcqffvjijrbpjiapzhi.back

xbhljkbliielsixzcrdvpnisnolwcpjp.back

Geography:

Hong Kong	26.7%
Vietnam	15.9%
Taiwan	13.3%
Thailand	5.7%
Indonesia	5.6%
Turkey	4.8%
South Korea	4.1%
Poland	3.7%
Brazil	2.4%
India	2.2%
Russia	1.3%
France	1.2%
Romania	0.9%
Czech Republic	0.8%
Macau	0.8%
Ukraine	0.7%
South Africa	0.6%
Hungary	0.6%
Bulgaria	0.6%
Australia	0.6%
Italy	0.5%
Slovakia	0.4%
Morocco	0.4%
Germany	0.3%
Argentina	0.3%
United Arab Emirates	0.3%
Mexico	0.3%
China	0.3%
Greece	0.2%
Chile	0.2%
Myanmar	0.2%
Ireland	0.2%
Spain	0.2%
Iran	0.2%
Singapore	0.2%
Algeria	0.2%
Finland	0.2%
Belarus	0.2%
Serbia	0.2%
Egypt	0.2%
Libya	0.2%
Georgia	0.1%
Portugal	0.1%
Luxembourg	0.1%
Laos	0.1%
Afghanistan	0.1%
Saint Vincent and the Grenadines	0.1%
Kazakhstan	0.1%
Venezuela	0.1%
Iraq	0.1%
Jordan	0.1%
Lebanon	0.1%
Azerbaijan	0.1%
Switzerland	0.1%
Sweden	0.1%
Saudi Arabia	0.1%
Estonia	0.1%
Israel	0.1%
Iceland	0.1%
Tunisia	0.1%
Slovenia	0.1%
Pakistan	0.1%
Bangladesh	0.1%
Latvia	0.1%
Malaysia	0.1%
Paraguay	0.1%
United States	0.1%

OS Version:

Windows 7	49.6%
Windows 10	40.0%
Windows 8.1	7.3%
Windows 8	2.7%
Windows XP	0.3%
Windows Vista	0.1%
Windows Server 2012 R2	0.1%

Analysis

PE Info:

Subsystem:	Native
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000000010000
Entry Address:	0x0000c090

PE Sections:

Name	Size of data	MD5
.text	2560	8a086d15d0fad0cb6705397842f27204
.rdata	3584	8c501600da646681c55fe03f13a6c0a7
.data	6656	877d6b58b0c31bbf96da4a0b191676f0
.pdata	1024	3e985861d0089e92514ce09565a78a9b
PAGE	19456	9d6d81b99be5e7000ab8cccade9902cb
INIT	1536	a416d0671b58f440f7e2e3ddacd38bd2
.rsrc	1024	b3fa9fd8d5517a2c96a549333d82ea9f
.reloc	512	57152ccf8f98cceb7e6afaf773deac1f

More information:

Search on Virustotal

copyright for information about isafekrnlboot.sys

Information about isafekrnlboot.sys

isafekrnlboot.sys

File Details

Main Info:

YAC Security Protection

Elex do Brasil Participações Ltda

Analysis:

Overview

Digital Signature

Common Places:

Geography:

OS Version:

Analysis

PE Info:

PE Sections:

More information: