home

kprocesshacker.sys

KProcessHacker

ReactOS Foundation

Publisher:
wj32  (signed by ReactOS Foundation)

Product:
KProcessHacker

Version:
2.5

MD5:
5f17b49e4cddf875ca59e76bd14f1a7b

SHA-1:
cfb06280c37a27e7b645202d177d93fdbbd42d09

SHA-256:
b2e090680f975995362e7c7ef032168f51c4199ce6f171cc787b7d0df5eaf402

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 3:53:24 AM UTC  (today)

File size:
34.6 KB (35,400 bytes)

Product version:
2.5

Copyright:
Licensed under the GNU GPL, v3.

Original file name:
kprocesshacker.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Program Files\process hacker 2\kprocesshacker.sys

Digital Signature
Signed by:
ReactOS Foundation

Authority:
VeriSign, Inc.

Valid from:
5/3/2010 8:00:00 PM

Valid to:
5/18/2012 7:59:59 PM

Subject:
CN=ReactOS Foundation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ReactOS Foundation, L=Moscow, S=Russia, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3FAD6897525E59B1C852B3485A48FFDD

File PE Metadata
Compilation timestamp:
1/22/2011 4:19:43 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
768:hGzBMoCSlu/nrzXOhQ3sTqWd69gzCjmoV0l9EUZmhucLLNbCbMmP:hGz8j/nXMJ5shucLRCbDP

Entry address:
0xA064

Entry point:
48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 86, BF, FF, FF, CC, CC, B0, A0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B4, A8, 00, 00, 00, 30, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E0, A2, 00, 00, 00, 00, 00, 00, F8, A2, 00, 00, 00, 00, 00, 00, 0C, A3, 00, 00, 00, 00, 00, 00, 24, A3, 00, 00, 00, 00, 00, 00, 36, A3, 00, 00, 00, 00, 00, 00, 46, A3, 00, 00, 00, 00, 00, 00, 58, A3, 00, 00...
 
[+]

Entropy:
6.2536

Code size:
21.5 KB (22,016 bytes)

Scan kprocesshacker.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.