Windows Analysis Report
LibreHardwareMonitorLib.sys

Overview

General Information

Sample name: LibreHardwareMonitorLib.sys
Analysis ID: 1370535
MD5: 0c0195c48b6b8582fa6f6373032118da
SHA1: d25340ae8e92a6d29f599fef426a2bc1b5217299
SHA256: 11bd2c9f9e2397c9a16e0990e4ed2cf0679498fe0fd418a3dfdac60b5c160ee5
Errors
  • No process behavior to analyse as no analysis process or sample was found
  • Corrupt sample or wrongly selected analyzer. Details: unsuccessful

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Sample file is different than original file name gathered from version info

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious
Source: LibreHardwareMonitorLib.sys Static PE information: certificate valid
Source: Binary string: d:\hotproject\winring0\source\dll\sys\lib\amd64\WinRing0.pdb source: LibreHardwareMonitorLib.sys
Source: LibreHardwareMonitorLib.sys String found in binary or memory: http://crl.globalsign.net/ObjectSign.crl0
Source: LibreHardwareMonitorLib.sys String found in binary or memory: http://crl.globalsign.net/Root.crl0
Source: LibreHardwareMonitorLib.sys String found in binary or memory: http://crl.globalsign.net/RootSignPartners.crl0
Source: LibreHardwareMonitorLib.sys String found in binary or memory: http://crl.globalsign.net/primobject.crl0
Source: LibreHardwareMonitorLib.sys Binary or memory string: OriginalFilenameWinRing0.sys2 vs LibreHardwareMonitorLib.sys
Source: LibreHardwareMonitorLib.sys Binary string: \Device\WinRing0_1_2_0
Source: classification engine Classification label: unknown0.winSYS@0/0@0/0
Source: LibreHardwareMonitorLib.sys Static PE information: certificate valid
Source: LibreHardwareMonitorLib.sys Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: Binary string: d:\hotproject\winring0\source\dll\sys\lib\amd64\WinRing0.pdb source: LibreHardwareMonitorLib.sys

No Behavior Graph

No contacted IP infos