epmprocmon_w2k.sys

EPM Process Monitor Kernel Driver

Eracent Inc.

Publisher:
Eracent Corporation (signed by Eracent Inc.)

Product:
EPM Process Monitor Kernel Driver

Version:
9, 3, 0, 1

MD5:
44d95a89bf1c068aec5b9800ebbc4d3f

SHA-1:
4cca00f46b94ab48c7eba65396f39eba9841a779

SHA-256:
8105694b894e4b6bd4b87991e9f6b73c73b6cd6e77860ff25e4985b702b8ba93

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/16/2024 7:16:14 PM UTC

File size:
12.6 KB (12,880 bytes)

Product version:
9, 3, 0, 0

Copyright:
Copyright © 2005

Original file name:
EPMProcMon.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\eracent\epm\epmprocmon_w2k.sys

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
8/16/2011 8:48:50 PM

Valid to:
8/16/2014 8:48:50 PM

Subject:
CN=Eracent Inc., O=Eracent Inc., L=Ottsville, S=PA, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11217A5C343EAB92CE97DD47D91D2430762C

File PE Metadata
Compilation timestamp:
8/9/2011 9:26:56 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
384:IaFU/PavK3Jz8pK5+BYntQYWT0dUb++PDhyv:hUnCIBg4+pT/iKDhyv

Entry address:
0xBB6

Entry point:
55, 8B, EC, 83, EC, 10, 53, 8B, 1D, 34, 0D, 01, 00, 56, 8B, 75, 08, 57, 68, 60, 0B, 01, 00, 8D, 45, F8, 50, C7, 46, 34, E8, 0A, 01, 00, C7, 46, 38, D8, 04, 01, 00, C7, 86, 80, 00, 00, 00, E4, 05, 01, 00, C7, 46, 44, 2C, 07, 01, 00, C7, 46, 70, 4C, 08, 01, 00, FF, D3, 8D, 45, 08, 50, 33, FF, 57, 57, 6A, 22, 8D, 45, F8, 50, 6A, 60, 56, FF, 15, 48, 0D, 01, 00, 3B, C7, 0F, 8C, 88, 00, 00, 00, 8B, 45, 08, 83, 48, 1C, 04, 8B, 45, 08, 8B, 70, 28, 68, 88, 0B, 01, 00, 8D, 45, F0, 50, FF, D3, 8D, 45, F8, 50, 8D, 45...
 

Entropy:
6.6832

Developed / compiled with:
Microsoft Visual C++

Code size:
2.9 KB (2,944 bytes)
