Gridinsoft Logo

The jojo.sys File Analysis

Updated 20 days ago
Checked by Malaware Check
jojo.sys

Technical Analysis

File Name jojo.sys
File Type
PE32+ executable (native) x86-64, for MS Windows
Scanner Version 1.0.216.174
Database Version 2025-05-16 12:00:25 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
15,128
File Size (bytes)
2025-05-16
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
de6d7d57f3374f3f2405142d5bb2a2bc
SHA1
9b2c15eaeea78810176d827722e64927e596d21f
SHA256
b64856e3422c1a7425c3f26f409c513fc4013d9f2d1b68c05b9a32958ddb043a
SHA512
a1906f5ac089e9e9b98529774819ae49c5910374a1a49dd3a7360bf690eadba6fe6eb6c451050f39a870f504e3e8cd91b45a8218879961575a33f55b19f5f6da
ImpHash
c92982e7b6d2fc29afa8ad488ef61ca6

PE Analysis

Basic Information

Image Base 0x140000000
Entry Point 0x140006000
Compilation Time 2025-05-16 09:27:39
Checksum 0x0000b2a5 (Actual: 0x0000b2a5)
OS Version 10.0
PEiD Signatures PE32+ executable (native) x86-64, for MS Windows
PDB Path D:\Project\驱动\25.5.12驱动\x64\Release\jojo.pdb
Digital Signature Chain verification from CN=WDKTestCert pzb\,133917857107945761 (serial:25502956067333177722586543258893907138, sha1:816b1636e6edb01fdb981abca5466c61e5e3e86c) failed: The X.509 certificate provided is self-signed - "Common Name: WDKTestCert pzb,133917857107945761"
Imports 1 libraries
ntoskrnl
Exports 0 functions
Resources 0 Resources
Sections 6 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 6,876 bytes 7,168 bytes 6.04 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_NOT_PAGED|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ A0E292DF6D3AF13A4AB7F70C77B7DB16
.rdata 0x00003000 1,736 bytes 2,048 bytes 3.40 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_NOT_PAGED|IMAGE_SCN_MEM_READ E7272E84E84140504F3E399D4935EF41
.data 0x00004000 356 bytes 512 bytes 0.32 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_NOT_PAGED|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 1D6018885896145DC1652F048D242723
.pdata 0x00005000 408 bytes 512 bytes 3.25 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_NOT_PAGED|IMAGE_SCN_MEM_READ 3F9DC83A2751F9E3357A1F045C710C71
INIT 0x00006000 1,230 bytes 1,536 bytes 4.35 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ B27246F1DE1558804B9CB057D50F5AD8
.reloc 0x00007000 36 bytes 512 bytes 0.48 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ BAD3054FDAAB75497618D6141021291B

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

Chain verification from CN=WDKTestCert pzb\,133917857107945761 (serial:25502956067333177722586543258893907138, sha1:816b1636e6edb01fdb981abca5466c61e5e3e86c) failed: The X.509 certificate provided is self-signed - "Common Name: WDKTestCert pzb,133917857107945761"

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware