home

khips.sys

Sunbelt Firewall Engine

Sunbelt Software

It runs as a Windows kernel mode device driver named “Kerio HIPS Driver”.
Publisher:
Sunbelt Software  (signed and verified)

Product:
Sunbelt Firewall Engine

Description:
Sunbelt Kerio Host Intrusion Prevention Driver

Version:
4.3.142.0

MD5:
304ce9fb3d64caa07b940bef4f8c2dcd

SHA-1:
229a41933e82e716298b2794461dba2137769a84

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 3:04:36 PM UTC  (today)

File size:
89.5 KB (91,672 bytes)

Product version:
4.3.142.0

Copyright:
Copyright © 2002-2005 Sunbelt Software. All rights reserved.

Trademarks:
SUNBELT SOFTWARE and the "S" logo are registered trademarks of Sunbelt Software. Sunbelt Firewall Engine and SFE are trademarks of Sunbelt Software.

Original file name:
khips.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\khips.sys

Digital Signature
Signed by:
Sunbelt Software

Authority:
VeriSign, Inc.

Valid from:
9/1/2005 2:00:00 AM

Valid to:
10/23/2006 1:59:59 AM

Subject:
CN=Sunbelt Software, OU=Products, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Sunbelt Software, L=Clearwater, S=Florida, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
37BE4CCAD823C7F1BADCA0059236914C

File PE Metadata
Compilation timestamp:
7/6/2006 6:02:00 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
768:MWWPolI9xkZLuk4lv+uWwB2MgGWoZwLD88lkZb0MX4eqHxgEJcLeaTAiL3z8b2:MWWPPkVB4lv+u/jbwykcLlTAiQ2

Entry address:
0x1A60

Entry point:
33, C0, A3, 20, 1A, 41, 00, 53, 8B, 5C, 24, 0C, A3, 24, 1A, 41, 00, A3, 28, 1A, 41, 00, A3, 2C, 1A, 41, 00, 0F, B7, 0B, 56, 57, 83, C1, 02, 51, E8, D7, 62, 00, 00, 8B, F8, 85, FF, 89, 3D, 28, 1A, 41, 00, 74, 30, 0F, B7, 0B, 83, C1, 02, 8B, D1, C1, E9, 02, 33, C0, F3, AB, 8B, CA, 83, E1, 03, F3, AA, 0F, B7, 0B, 8B, 73, 04, 8B, 3D, 28, 1A, 41, 00, 8B, C1, C1, E9, 02, F3, A5, 8B, C8, 83, E1, 03, F3, A4, 53, E8, D5, FB, FF, FF, 8B, 0D, 18, 1A, 41, 00, 68, 60, 1A, 41, 00, 51, 68, A4, A7, 40, 00, 68, 98, A7, 40...
 
[+]

Code size:
40 KB (40,960 bytes)

Driver
Display name:
Kerio HIPS Driver

Service name:
khips

Type:
Kernel device driver (KernelDriver)


Scan khips.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.