» KernelTraceControl.dll
Overview
Analysis
File Details

KernelTraceControl.dll

Microsoft Windows Performance Analyzer

Windows Central Build Account

File name:

Publisher:

Microsoft Corporation (signed by Windows Central Build Account)

Product:

Microsoft® Windows® Performance Analyzer

Description:

Performance Analyzer Kernel Tracing Control Library

Version:

6.3.9600.16422 (winblue_gdr_lean_stage_tools.131107-2000)

MD5:

3ec0c1cb732c31db4a124a800f5aeaaa

SHA-1:

7839953c50cf125baf00ad8c61f0fe16196db22c

SHA-256:

a8721ad4e63b13a454a007af1298b30eef9ff204b0cdb7fe65f35a35531cb20a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 12:19:03 PM UTC (today)

File size:

148.4 KB (151,944 bytes)

Product version:

6.3.9600.16422

Original file name:

KernelTraceControl.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\roaming\perfview\ver.2014-05-16.08.39.58.142\x86\kerneltracecontrol.dll

Digital Signature

Signed by:

Windows Central Build Account

Authority:

MSIT Test CodeSign CA 1

Valid from:

10/7/2013 2:55:29 PM

Valid to:

8/2/2014 4:37:51 PM

Subject:

CN=Windows Central Build Account

Issuer:

CN=MSIT Test CodeSign CA 1, DC=redmond, DC=corp, DC=microsoft, DC=com

Serial number:

301DB4260001003F3571

File PE Metadata

Compilation timestamp:

11/8/2013 2:39:51 AM

OS version:

6.3

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

11.0

CTPH (ssdeep):

3072:PhX0evCgVCHu/KfgQ2gPz8rJZfiucwcngahVNixKZF:PhX0evCgVcc0V7CZiDhlXZF

Entry address:

0x1A938

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 50, 08, 00, 00, 5D, E9, 2A, 00, 00, 00, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, B8, 63, 73, 6D, E0, 39, 45, 08, 75, 0D, FF, 75, 0C, 50, E8, AF, 06, 00, 00, 59, 59, 5D, C3, 33, C0, 5D, C3, CC, CC, CC, CC, CC, 6A, 2C, 68, 20, F7, 01, 10, E8, F0, 03, 00, 00, C7, 45, E4, 01, 00, 00, 00, 33, F6, 89, 75, FC, 8B, 45, 0C, 83, F8, 01, 77, 05, A3, 28, 00, 02, 10, 83, 7D, 0C, 00, 75, 11, 83, 3D, C8, 02, 02, 10, 00, 75, 08, 89, 75, E4, E9, 1E, 02, 00, 00, 8B, 45, 0C, 83... 
[+]

Entropy:

6.4320

Code size:

123 KB (125,952 bytes)

Scan KernelTraceControl.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.