home

KCDCDRH.SYS

Kings Information & Network

It runs as a Windows kernel mode device driver named “KCDCDRH”.
Publisher:
Kings Information & Network  (signed and verified)

Product:
Kings Information & Network

Description:
KCDCDRH ( Unicode )

Version:
3, 0, 0, 5

MD5:
6a5e8f1f9dca13fb37537bb8d3ac3f8d

SHA-1:
35bf7b372ee772baa118dd3b1924c481cb4bd73b

SHA-256:
98326889b4c8fbc5c3b5790a6acfa5c6c9da95b54ad76863ab356bf8d43c5419

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 12:46:56 AM UTC  (today)

File size:
16.6 KB (16,992 bytes)

Product version:
3, 0, 0, 5

Copyright:
Copyright ⓒ 2007 - 2010 Kings Information & Network

Original file name:
KCDCDRH.SYS

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\kcdcdrh.sys

Digital Signature
Signed by:
Kings Information & Network

Authority:
VeriSign, Inc.

Valid from:
6/8/2010 9:00:00 AM

Valid to:
7/9/2011 8:59:59 AM

Subject:
CN=Kings Information & Network, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Kings Information & Network, L=Songpa-gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
13EBF0914E840864FD632D71364664EE

File PE Metadata
Compilation timestamp:
5/3/2011 10:48:39 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
384:paOvbGJJQzesPfYJLu1JLrkbbCztq6j0:gOvbGJJAGLW6bCztqm

Entry address:
0x503E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, D0, C3, FF, FF, CC, CC, 78, 50, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 6E, 53, 00, 00, 00, 30, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, FC, 50, 00, 00, 14, 51, 00, 00, 1E, 51, 00, 00, 3A, 51, 00, 00, 4E, 51, 00, 00, 5E, 51, 00, 00, 7A, 51, 00, 00, 92, 51, 00, 00, A2, 51, 00, 00, AC, 51, 00, 00, C2, 51, 00, 00, D8, 51, 00, 00, F8, 51, 00, 00, 0C, 52, 00, 00, 1C, 52, 00, 00, 34, 52, 00, 00, 46, 52, 00, 00, 5E, 52...
 
[+]

Entropy:
6.2784

Code size:
5.5 KB (5,632 bytes)

Driver
Display name:
KCDCDRH

Type:
Kernel device driver (KernelDriver)


Scan KCDCDRH.SYS - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.