home

hkkernel.sys

GHCORE Driver

Suzhou Ind. Park ShiSuanKeJi Co., Ltd.

It runs as a Windows 64-bit kernel mode device driver named “hkkernel”.
Publisher:
GH  (signed by Suzhou Ind. Park ShiSuanKeJi Co., Ltd.)

Product:
GHCORE Driver

Description:
GH Driver

Version:
1.00.00.05

MD5:
5b87860f44e78f3d20489644ba93fcaa

SHA-1:
b7ae51b65a76ab8695ce58ade000d85f99feefed

SHA-256:
d6a897f4f615dd72dd59ab1b90408f5dca0d26e15fdcc82b895e17e2173ddf38

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/10/2024 4:13:18 PM UTC  (today)

File size:
65.4 KB (66,960 bytes)

Product version:
1.00.00.05

Copyright:
Copyright

Original file name:
GHCORE.SYS

File type:
Driver (Win64 SYS)

Common path:
C:\windows\syswow64\x64\hkkernel.sys

Digital Signature
Signed by:
Suzhou Ind. Park ShiSuanKeJi Co., Ltd.

Authority:
GlobalSign nv-sa

Valid from:
7/6/2009 11:56:35 AM

Valid to:
7/6/2010 11:56:35 AM

Subject:
E=support@winmount.com, CN="Suzhou Ind. Park ShiSuanKeJi Co., Ltd.", O="Suzhou Ind. Park ShiSuanKeJi Co., Ltd.", C=CN

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
010000000001224E6689D6

File PE Metadata
Compilation timestamp:
3/2/2010 8:11:54 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

Entry address:
0x9064

Entry point:
48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 02, 89, FF, FF, CC, CC, D8, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E4, 94, 00, 00, 18, 60, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F2, 94, 00, 00, 00, 00, 00, 00, 04, 95, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 36, 92, 00, 00, 00, 00, 00, 00, 54, 92, 00, 00...
 
[+]

Entropy:
6.5077

Code size:
19 KB (19,456 bytes)

Driver
Display name:
hkkernel

Type:
Kernel device driver (KernelDriver)


Scan hkkernel.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.