home

kdpatch.sys

VitualKD

SysProgs.org

Publisher:
SysProgs.org  (signed and verified)

Product:
VitualKD

Description:
VirtualKD kernel debugger patcher

Version:
2.7

MD5:
8de84897c2a823eb7fd93d49e489bcc0

SHA-1:
dfc3040c7bf85a70b859e3981b2c9ce6d0df0563

SHA-256:
b4f181358ae76befc20df3e617cf07d69967d88ed65a8ff3bf771a98f5aa59b4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 1:34:34 PM UTC  (today)

File size:
24.2 KB (24,760 bytes)

Product version:
2.7

Copyright:
LGPL

Trademarks:
SysProgs.org

Original file name:
kdpatch.sys

File type:
Driver (Win32 SYS)

Language:
English

Common path:
C:\Program Files\visualddk\target\x86\kdpatch.sys

Digital Signature
Signed by:
SysProgs.org

Authority:
SysProgs.org

Valid from:
6/20/2009 5:03:23 PM

Valid to:
1/1/2040 3:29:59 AM

Subject:
CN=SysProgs.org

Issuer:
CN=SysProgs.org

Serial number:
27A204D597CF23A6471AACAF9BA42061

File PE Metadata
Compilation timestamp:
7/7/2012 11:08:02 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
10.0

CTPH (ssdeep):
384:OgQOitWr+968SlQoget0BWy2Aw0KzT3mirILVSW:Oge68SqhWy2tLz6IILIW

Entry address:
0x17C0

Entry point:
55, 8B, EC, 56, BE, 04, 80, 42, 00, 8B, C6, 3D, 04, 80, 42, 00, 73, 0F, 8B, 0E, FF, D1, 83, C6, 04, 81, FE, 04, 80, 42, 00, 72, F1, BE, 04, 70, 42, 00, 8B, D6, 81, FA, 04, 70, 42, 00, 73, 0F, 8B, 06, FF, D0, 83, C6, 04, 81, FE, 04, 70, 42, 00, 72, F1, A1, 6C, 64, 42, 00, 85, C0, 78, 36, 8B, 75, 0C, 57, 8B, 7D, 08, 57, E8, 5B, 09, 00, 00, 8B, F0, 85, F6, 79, 0D, E8, 20, FF, FF, FF, 5F, 8B, C6, 5E, 5D, C2, 08, 00, 8B, 47, 34, 85, C0, 74, 0C, A3, 50, 60, 40, 00, C7, 47, 34, A0, 17, 40, 00, 8B, C6, 5F, 5E, 5D...
 
[+]

Entropy:
5.9290

Developed / compiled with:
Microsoft Visual C++

Code size:
14 KB (14,336 bytes)

Scan kdpatch.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.