home

fwpkclnt.sys

FWP/IPsec Kernel-Mode API

Microsoft Corporation

Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft® Windows® Operating System

Description:
FWP/IPsec Kernel-Mode API

Version:
6.1.7600.20951 (win7_ldr.110424-1506)

MD5:
418671677d457b9b9c80a7957f24eed8

SHA-1:
92667784acd6bb5f132e8bdf12dc68b3b3423932

SHA-256:
7dbb390d1501ce4f2189f11afcf2b113785f9ef69fe2553ae882d077fa937cd9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/26/2024 11:42:11 AM UTC  (today)

File size:
182.9 KB (187,264 bytes)

Product version:
6.1.7600.20951

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
fwpkclnt.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
2/15/2011 12:41:44 AM

Valid to:
5/15/2012 1:41:44 AM

Subject:
CN=Microsoft Windows, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Windows Verification PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
61030556000000000010

File PE Metadata
Compilation timestamp:
4/25/2011 6:56:52 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
3072:+Lrff5Qg9r8X/B1OfvyJyU3463k3KdNDSZ9rJLBPxIZ1:+BQgV8X/B1OyJyU3463k3EDG9dRC1

Entry address:
0x2C03E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 8A, 51, FD, FF, CC, CC, C4, C1, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 80, C3, 02, 00, FC, C0, 00, 00, C8, C0, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 16, C7, 02, 00, 00, C0, 00, 00, 84, C1, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 74, C8, 02, 00, BC, C0, 00, 00, E0, C0, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, BE, C9, 02, 00, 18, C0, 00, 00, 0C, C1, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, E4, CC, 02, 00, 44, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.4441

Code size:
104.5 KB (107,008 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.