× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1fe705a6f4c0f697ef6a3f195a3a73b23399fa3f83bd4f481df57b131dc283bd
File name: O driver
Detection ratio: 0 / 67
Analysis date: 2019-04-15 08:12:10 UTC ( 1 week, 3 days ago )
Antivirus Result Update
Acronis 20190413
Ad-Aware 20190415
AegisLab 20190415
AhnLab-V3 20190415
Alibaba 20190402
ALYac 20190415
Antiy-AVL 20190415
Arcabit 20190415
Avast 20190415
Avast-Mobile 20190415
AVG 20190415
Avira (no cloud) 20190415
Babable 20180918
Baidu 20190318
BitDefender 20190415
Bkav 20190412
CAT-QuickHeal 20190414
ClamAV 20190414
CMC 20190321
Comodo 20190415
CrowdStrike Falcon (ML) 20190212
Cybereason 20190403
Cyren 20190415
DrWeb 20190415
eGambit 20190415
Emsisoft 20190415
Endgame 20190403
ESET-NOD32 20190415
F-Secure 20190415
FireEye 20190415
Fortinet 20190415
GData 20190415
Ikarus 20190415
Sophos ML 20190313
Jiangmin 20190415
K7AntiVirus 20190415
K7GW 20190415
Kaspersky 20190415
Kingsoft 20190415
Malwarebytes 20190415
MAX 20190415
McAfee 20190415
McAfee-GW-Edition 20190415
Microsoft 20190415
eScan 20190415
NANO-Antivirus 20190415
Palo Alto Networks (Known Signatures) 20190415
Panda 20190414
Qihoo-360 20190415
Rising 20190415
SentinelOne (Static ML) 20190407
Sophos AV 20190415
SUPERAntiSpyware 20190410
Symantec Mobile Insight 20190410
TACHYON 20190415
Tencent 20190415
TheHacker 20190411
TotalDefense 20190413
Trapmine 20190325
TrendMicro-HouseCall 20190415
Trustlook 20190415
VBA32 20190412
VIPRE 20190411
ViRobot 20190415
Yandex 20190412
Zillya 20190412
ZoneAlarm by Check Point 20190415
Zoner 20190415
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Native subsystem.
FileVersionInfo properties
Copyright
Copyright (c) 2002-2006 BIOSTAR Group

Product BIOSTAR I/O driver fle
Original name BS_I2cIo.sys
Internal name I/O driver
File version 1, 1, 0, 0
Description I/O Interface driver file
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-07-26 08:05:43
Entry Point 0x0000358F
Number of sections 7
PE sections
PE imports
READ_PORT_USHORT
WRITE_PORT_UCHAR
WRITE_PORT_ULONG
WRITE_PORT_USHORT
HalTranslateBusAddress
HalSetBusDataByOffset
READ_PORT_UCHAR
HalGetBusDataByOffset
READ_PORT_ULONG
KeQuerySystemTime
RtlInitUnicodeString
MmUnmapIoSpace
ZwCreateFile
RtlTimeToTimeFields
WRITE_REGISTER_BUFFER_UCHAR
KeSetPriorityThread
KeTickCount
ZwWriteFile
_aullrem
IoCreateDevice
ExfInterlockedRemoveHeadList
IoDeleteDevice
IoReleaseCancelSpinLock
IoStartPacket
ExAllocatePoolWithTag
PsTerminateSystemThread
KeGetCurrentThread
MmMapIoSpace
KeInitializeEvent
IofCompleteRequest
READ_REGISTER_BUFFER_UCHAR
IoDeleteSymbolicLink
_aulldiv
KeSetEvent
ExfInterlockedInsertTailList
KeInitializeSpinLock
KeWaitForSingleObject
ExFreePoolWithTag
IoAcquireCancelSpinLock
KeRemoveEntryDeviceQueue
IoCreateSymbolicLink
PsCreateSystemThread
ObReferenceObjectByHandle
ObfDereferenceObject
ZwClose
IoStartNextPacket
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.1

InitializedDataSize
4608

ImageVersion
5.1

ProductName
BIOSTAR I/O driver fle

FileVersionNumber
1.1.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

LinkerVersion
7.1

FileTypeExtension
exe

OriginalFileName
BS_I2cIo.sys

MIMEType
application/octet-stream

Subsystem
Native

FileVersion
1, 1, 0, 0

TimeStamp
2012:07:26 10:05:43+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
I/O driver

ProductVersion
1, 1, 0, 0

FileDescription
I/O Interface driver file

OSVersion
5.1

FileOS
Win32

LegalCopyright
Copyright (c) 2002-2006 BIOSTAR Group

MachineType
Intel 386 or later, and compatibles

CompanyName
BIOSTAR Group

CodeSize
11264

FileSubtype
0

ProductVersionNumber
1.1.0.0

EntryPoint
0x358f

ObjectFileType
Dynamic link library

File identification
MD5 35e72f794f84586cc987d45df063ec26
SHA1 e03677e7035ca2b20b8f2320283effefc764e2ab
SHA256 1fe705a6f4c0f697ef6a3f195a3a73b23399fa3f83bd4f481df57b131dc283bd
ssdeep
384:PZi/h7sJfuePLf66vbKsbMKolk96lZUh:4Vs83QbMw

authentihash d87e1d6f1a394363bd8fc1167d7227b121b8e5ed793feb4b4c73e86d2f4ad96a
imphash b1f9f39bb926ee8fe9fb10ef74311ec6
File size 16.6 KB ( 17024 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (native) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.3%)
Win32 Executable (generic) (23.5%)
OS/2 Executable (generic) (10.5%)
Clipper DOS Executable (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe native

VirusTotal metadata
First submission 2012-11-03 04:34:42 UTC ( 6 years, 5 months ago )
Last submission 2015-10-13 07:35:00 UTC ( 3 years, 6 months ago )
File names bsmem.sys
BS_I2cIo.sys
BSMEM.sys
O driver
bsmem.sys
BSMEM.sys
BSMEM.SYS
BSMEM.sys
BSMEM.sys
BSMEM.sys
BSMEM.sys
bsmem.sys
BSMEM.sys
BSMEM.sys
bsmem.sys
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!