» 1394UDBG.SYS
Overview
Analysis
File Details
Programs (1)

1394UDBG.SYS

1394 User Debugger Driver

Microsoft Corporation

This is installed with Debugging Tools for Windows (x64).

File name:

1394UDBG.SYS

Publisher:

Microsoft Corporation (signed and verified)

Product:

Microsoft® Windows® Operating System

Description:

1394 User Debugger Driver

Version:

6.1.7650.0 (fbl_tools_debugger(wmbla).091016-1729)

MD5:

953e646f8c105acb4d5669ac23917ae6

SHA-1:

123f58c906b29307ca50112a6edb9fd50426a34c

SHA-256:

4fb7c79dbef78ae202b5555eb10dfa430e6a7591953e0f18a26e549f00c356eb

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:

4/27/2024 1:15:54 AM UTC (today)

File size:

94.3 KB (96,512 bytes)

Product version:

6.1.7650.0

Original file name:

1394UDBG.SYS

File type:

Driver (Win64 SYS)

Language:

English (United States)

Common path:

C:\Program Files\debugging tools for windows (x64)\1394\1394udbg.sys

Digital Signature

Signed by:

Microsoft Corporation

Authority:

Microsoft Corporation

Valid from:

7/13/2009 4:00:18 PM

Valid to:

10/13/2010 4:10:18 PM

Subject:

CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:

CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:

6105F71E000000000032

File PE Metadata

Compilation timestamp:

10/16/2009 5:33:58 PM

OS version:

6.1

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

10.0

CTPH (ssdeep):

1536:iLN2ZNRA4nqZ4XB2+1hPALyCQ7CZX8ly4e:ZRAESlGoLyCQ7EMlTe

Entry address:

0x18064

Entry point:

48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 7E, 65, FF, FF, CC, CC, B0, 80, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, E8, 85, 01, 00, 00, 50, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 20, 82, 01, 00, 00, 00, 00, 00, 36, 82, 01, 00, 00, 00, 00, 00, 4C, 82, 01, 00, 00, 00, 00, 00, 5E, 82, 01, 00, 00, 00, 00, 00, 7E, 82, 01, 00, 00, 00, 00, 00, 9C, 82, 01, 00, 00, 00, 00, 00, B8, 82, 01, 00... 
[+]

Entropy:

5.9358

Code size:

81.5 KB (83,456 bytes)

The file 1394UDBG.SYS has been discovered within the following program.

Debugging Tools for Windows (x64) by Microsoft Corporation

Use Debugging Tools for Windows to debug drivers, applications, and services on Windows systems. Debugging Tools for Windows includes a core debugging engine and several tools that provide interfaces to the debugging engine.

www.microsoft.com

9% remove it

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.