home

apimonitor-drv-x86.sys

API Monitor v2

Rohitab Batra

Publisher:
rohitab.com  (signed by Rohitab Batra)

Product:
API Monitor v2

Description:
API Monitor v2 Hooking Driver (Alpha)

Version:
1.0.0.8

MD5:
3db9a9536004570afa561195ef9e9113

SHA-1:
462b92a0079f052d7f608085132d7e0917706df2

SHA-256:
f4dcaa5b1cd29c5038c9fb934c6aa1c768b2e70b0a1b015f2c78245f7f26ca3b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
7/7/2025 3:30:25 PM UTC  (today)

File size:
117.1 KB (119,904 bytes)

Product version:
2.0.0.8

Copyright:
(c) 2001-2011 Rohitab Batra. All Rights Reserved.

Original file name:
hooker.dll

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\compressed\api monitor\api monitor\apimonitor-drv-x86.sys

Digital Signature
Signed by:
Rohitab Batra

Authority:
COMODO CA Limited

Valid from:
6/7/2011 4:30:00 AM

Valid to:
6/7/2012 4:29:59 AM

Subject:
CN=Rohitab Batra, O=Rohitab Batra, STREET="65 E WASHINGTON ST #3112", L=NORTH ATTLEBORO, S=MA, PostalCode=02760, C=US

Issuer:
CN=COMODO Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E0320A073E207474DC8DCEEE649FBE6E

File PE Metadata
Compilation timestamp:
7/31/2011 7:15:11 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:5mdwiQdfrHERomPhrd2ftdUAGiZqTYID9fR8nIBHhxgyC1fvIMMI:viEX8p5AGvFBHhxgyC1fvjH

Entry address:
0x7B2D

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, A7, 2F, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, 18, BF, 01, 10, FF, 15, D8, 50, 01, 10, 85, C0, 75, 18, 56, E8, 0F, 18, 00, 00, 8B, F0, FF, 15, 8C, 51, 01, 10, 50, E8, BF, 17, 00, 00, 59, 89, 06, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 83, EC, 20, 53, 57, 33, DB, 6A, 07, 33, C0, 59, 8D, 7D, E4, 89, 5D, E0, F3, AB, 39, 5D, 14, 75, 18, E8, D8, 17, 00, 00...
 
[+]

Entropy:
6.4667

Code size:
76.5 KB (78,336 bytes)

Scan apimonitor-drv-x86.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.