home

kprocesshacker.sys

KProcessHacker

ReactOS Foundation

Publisher:
wj32  (signed by ReactOS Foundation)

Product:
KProcessHacker

Version:
2.5

MD5:
30ecb3c49141a7ed441baba0e3c5aea6

SHA-1:
9512bdcb964c969367ef809715c21c3a9e81adbc

SHA-256:
13b6da8ff3a8b78bc96c86c152c6660a899d222df96a1e7c43e9a7929a93eb43

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 11:58:15 AM UTC  (today)

File size:
34.6 KB (35,400 bytes)

Product version:
2.5

Copyright:
Copyright (c) 2009 wj32. Licensed under the GNU GPL, v3.

Original file name:
kprocesshacker.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Program Files\process hacker 2\kprocesshacker.sys

Digital Signature
Signed by:
ReactOS Foundation

Authority:
VeriSign, Inc.

Valid from:
5/4/2010 2:00:00 AM

Valid to:
5/19/2012 1:59:59 AM

Subject:
CN=ReactOS Foundation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ReactOS Foundation, L=Moscow, S=Russia, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3FAD6897525E59B1C852B3485A48FFDD

File PE Metadata
Compilation timestamp:
1/2/2011 12:48:16 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
768:QuLNMoCSlC5japIuadWDacCxOnKaCN86AN5AcJOdqL4LNbCbMmc:QuLoP58zaZ6F8dqL4RCbDc

Entry address:
0xA064

Entry point:
48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 86, BF, FF, FF, CC, CC, B0, A0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B4, A8, 00, 00, 00, 30, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E0, A2, 00, 00, 00, 00, 00, 00, F8, A2, 00, 00, 00, 00, 00, 00, 0C, A3, 00, 00, 00, 00, 00, 00, 24, A3, 00, 00, 00, 00, 00, 00, 36, A3, 00, 00, 00, 00, 00, 00, 46, A3, 00, 00, 00, 00, 00, 00, 58, A3, 00, 00...
 
[+]

Code size:
21.5 KB (22,016 bytes)

Scan kprocesshacker.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.