» 1394kdbg.sys
Overview
Analysis
File Details
Programs (1)

1394kdbg.sys

1394 Debugger Driver

Microsoft Corporation

This is installed with Debugging Tools for Windows (x64).

File name:

1394kdbg.sys

Publisher:

Microsoft Corporation (signed and verified)

Product:

Microsoft® Windows® Operating System

Description:

1394 Debugger Driver

Version:

6.1.7650.0 (fbl_tools_debugger(wmbla).091016-1729)

MD5:

2f08ff21fbd29c57a8b48a21bcece922

SHA-1:

7d234fdd251b825f4c6e64318501254729cfabe2

SHA-256:

6078b65b3d32cdc36b12cbf3e0ad25a2368c42ff5062a9da8995405a01fddb53

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:

4/25/2024 1:54:46 PM UTC (today)

File size:

901.8 KB (923,392 bytes)

Product version:

6.1.7650.0

Original file name:

1394DBG.SYS

File type:

Driver (Win64 SYS)

Language:

English (United States)

Common path:

C:\Program Files\debugging tools for windows (x64)\1394\1394kdbg.sys

Digital Signature

Signed by:

Microsoft Corporation

Authority:

Microsoft Corporation

Valid from:

7/13/2009 4:00:18 PM

Valid to:

10/13/2010 4:10:18 PM

Subject:

CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:

CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:

6105F71E000000000032

File PE Metadata

Compilation timestamp:

10/16/2009 5:34:14 PM

OS version:

6.1

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

10.0

CTPH (ssdeep):

12288:1Eo9pdo2uiqGUadfiZtZwo20jjUOq62C5s+drW21:io9pdoDi1UAiZtZwo2uU/Cd421

Entry address:

0xBE80

Entry point:

48, 89, 54, 24, 10, 48, 89, 4C, 24, 08, 48, 83, EC, 28, E8, 75, 61, 0D, 00, 48, 8B, 54, 24, 38, 48, 8B, 4C, 24, 30, E8, 0E, 00, 00, 00, 48, 83, C4, 28, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, 48, 89, 54, 24, 10, 48, 89, 4C, 24, 08, 48, 83, EC, 38, 48, 8B, 44, 24, 40, 48, 89, 05, BE, F3, 0B, 00, 48, 83, 7C, 24, 40, 00, 75, 14, 48, 8B, 54, 24, 48, 48, 8B, 4C, 24, 40, E8, 7F, E2, FF, FF, E9, AA, 01, 00, 00, E8, 85, FC, FF, FF, 89, 44, 24, 20, 83, 7C, 24, 20, 00, 7D, 37, 83, 3D, 5F, F1, 0B, 00, 00, 74, 25, 48... 
[+]

Entropy:

5.6612

Code size:

789.5 KB (808,448 bytes)

The file 1394kdbg.sys has been discovered within the following program.

Debugging Tools for Windows (x64) by Microsoft Corporation

Use Debugging Tools for Windows to debug drivers, applications, and services on Windows systems. Debugging Tools for Windows includes a core debugging engine and several tools that provide interfaces to the debugging engine.

www.microsoft.com

9% remove it

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.