home

gakrnl.sys

HSX-E1

Canopus Co., Ltd.

It runs as a Windows kernel mode device driver named “gakrnl”.
Publisher:
Thomson Canopus Co., Ltd.  (signed by Canopus Co., Ltd.)

Product:
HSX-E1

Description:
HSX-E1 WDM Driver

Version:
1.1.0.0

MD5:
c9d23d782881c86fb02c63f974b70ba3

SHA-1:
a0185555a23af07d88599b1dd315d4212624cb93

SHA-256:
e165dc18a37e6d04fd804ef196b90ec7708164291e4e9971d88c4062b6082fe3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 1:28:00 PM UTC  (today)

File size:
194.8 KB (199,480 bytes)

Product version:
1.1.0.0

Copyright:
Copyright (C) 2008-2009 Thomson Canopus Co., Ltd.

Original file name:
gakrnl.sys

File type:
Driver (Win32 SYS)

Language:
Japanese (Japan)

Common path:
C:\Windows\System32\drivers\gakrnl.sys

Digital Signature
Signed by:
Canopus Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
3/3/2008 12:00:00 AM

Valid to:
3/3/2009 11:59:59 PM

Subject:
CN="Canopus Co., Ltd.", OU=Development Group, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Canopus Co., Ltd.", L="1-2-4 Murotani, Nishi-ku, Kobe", S=Hyougo, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
37469DC8BA6F57FBD61F0062C3A14104

File PE Metadata
Compilation timestamp:
1/22/2009 6:09:37 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.0

CTPH (ssdeep):
3072:agWrEqNIdEYNgEBwM/yvuKM7M3LjWJdEC7sLgF0uVUPq3ETMaA:agZXO2IdMQ3Lr/u+/IF

Entry address:
0x814

Entry point:
55, 8B, EC, 51, 51, 8D, 45, F8, 50, FF, 75, 0C, E8, F1, FA, FF, FF, 85, C0, 7C, 67, 8D, 45, F8, 50, E8, 72, FF, FF, FF, 85, C0, 7C, 5A, 8B, 45, 08, C7, 40, 38, 7C, 0C, 01, 00, C7, 40, 40, F8, 0D, 01, 00, C7, 40, 70, 0A, 18, 01, 00, C7, 80, 80, 00, 00, 00, FA, 0E, 01, 00, C7, 80, A4, 00, 00, 00, FA, 5C, 01, 00, C7, 80, 94, 00, 00, 00, 76, 65, 01, 00, C7, 80, 90, 00, 00, 00, D6, 64, 01, 00, C7, 40, 34, 88, 29, 01, 00, C7, 40, 30, F2, 4D, 01, 00, 8B, 40, 18, C7, 40, 04, 78, 04, 01, 00, 33, C0, C9, C2, 08, 00...
 
[+]

Entropy:
6.0874

Developed / compiled with:
Microsoft Visual C++

Code size:
26.8 KB (27,392 bytes)

Driver
Display name:
gakrnl

Type:
Kernel device driver (KernelDriver)


Scan gakrnl.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.