cjdcjd
of 2
-
Upload
rajesh1146 -
Category
Documents
-
view
212 -
download
0
Transcript of cjdcjd
-
8/18/2019 cjdcjd
1/2
SPTD.SYSDefault location: C:\WINDOWS\SYSTEM32\DRIVERS\SPTD.SYSMD5: FEB80A9EC320569CC82D4DB9F4AC78BCSHA1: 3D06B9D8 D6C48265 AECC5153 D0FD5F7D 50C439A2File Size: 381 608
Version Info:OriginalFilename: sptd.sysFileDescription: SCSI Pass Through Direct HostInternalName: sptdCompanyName: Duplex Secure Ltd.FileVersion: 1.87.0.0 built by: WinDDKLegalCopyright: Copyright (C) 2004-2013ProductName: SCSI Pass Through DirectProductVersion: 1.87.0.0
PE Info of the C:\WINDOWS\SYSTEM32\DRIVERS\SPTD.SYS:
Type is native.DOS-stub: 232 bytesbuilt for machine: unknown processor: 8664 (non-32-bit-word machine)Bytes of machine word are not reversedRelocation info not stripped
Local symbols not strippedDebugging info not strippedexecutable file0 entries in symbol table10 sectionscreated (GMT): Thu Dec 11 14:52:44 2014Linker version: 9.0.text start: 0x1000, length: 375808 bytes.data start: 0x10000, length: 284672 bytes.bss start: -/-, length: 0 bytesexecution starts at 0x1164f7Preferred load base is 0x0Image size in RAM: 1136 KB
Sections aligned to 4096 bytes in RAM, 512 bytes in fileVersions: NT 6.1, Win32 5.2, App 6.1Checksum: 0x00068cd2uses no subsystemStack: 256 KB reserved, 0 KB committedHeap: 4 KB reserved, 0 KB committedSize of headers / offset to sections in file: 0x400
"" (virt. Size/Address: 0x0) 2019914798 bytes at offset 0x0 in RAM, 0x74 in file default alignment (16 bytes) at offset 0x1164f7: execution start
"" (virt. Size/Address: 0x0) 1146113609 bytes at offset 0x68000020 in RAM, 0x5345 in file default alignment (16 bytes)
"" (virt. Size/Address: 0x0) 1952539694 bytes at offset 0x68000020 in RAM, 0x61 in file default alignment (16 bytes)
"" (virt. Size/Address: 0x0) 1633972270 bytes at offset 0xc8000040 in RAM, 0x6174 in file
-
8/18/2019 cjdcjd
2/2
default alignment (16 bytes)
"" (virt. Size/Address: 0x0) 1162297680 bytes at offset 0x48000040 in RAM, 0x0 in file default alignment (16 bytes)
"" (virt. Size/Address: 0x0) 1414090313 bytes at offset 0x60000020 in RAM, 0x0 in file default alignment (16 bytes)
"" (virt. Size/Address: 0x0) 1953526574 bytes at offset 0xe2000020 in RAM, 0x3064 in file default alignment (16 bytes)
"" (virt. Size/Address: 0x0) 1953526574 bytes at offset 0x62000060 in RAM, 0x3164 in file default alignment (16 bytes)
"" (virt. Size/Address: 0x0) 1818587694 bytes at offset 0xe2000060 in RAM, 0x636f in file contents is COMDAT (common block data, packaged functions) ? far data ? locked in memory default alignment (16 bytes)
"" (virt. Size/Address: 0x0) 1920168494 bytes at offset 0x42000040 in RAM, 0x63 in file contains comments / information contents is COMDAT (common block data, packaged functions) ? far data ? locked in memory default alignment (16 bytes)
Entropy = 7.9208
Entropy: 7.92077
