» ksecdd.sys
Overview
Analysis
File Details
Behaviors (1)

ksecdd.sys

Kernel Security Support Provider Interface

Microsoft Corporation

It runs as a Windows 64-bit kernel mode device driver named “KSecDD”. It is installed with Windows 7.

File name:

ksecdd.sys

Publisher:

Microsoft Corporation (signed and verified)

Product:

Microsoft® Windows® Operating System

Description:

Kernel Security Support Provider Interface

Part of the Windows 7 (with Service Pack 1) Operating System

Version:

6.1.7601.21971 (win7sp1_ldr.120418-1503)

MD5:

9a038ed21d2ecb3d53f7d91b36ad57fc

SHA-1:

aa0b9219c0ebc6b8f5f1f47c707a58ee4e3ca0b9

SHA-256:

208936f309f2459063933a268d47adf694e6b63e43671a2cb2c211f3e5179aa5

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:

5/4/2024 2:07:41 AM UTC (today)

File size:

93.4 KB (95,600 bytes)

Product version:

6.1.7601.21971

Original file name:

ksecdd.sys

File type:

Driver (Win64 SYS)

Language:

English (United States)

Common path:

C:\Windows\System32\drivers\ksecdd.sys

Digital Signature

Signed by:

Microsoft Corporation

Authority:

Microsoft Corporation

Valid from:

3/27/2012 12:37:17 AM

Valid to:

6/27/2013 12:37:17 AM

Subject:

CN=Microsoft Windows, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:

CN=Microsoft Windows Verification PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:

6105DD42000000000014

File PE Metadata

Compilation timestamp:

4/19/2012 5:33:09 AM

OS version:

6.1

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

1536:mfQ3lqXDlG5Bp3stMvuB0eebHxZmzu3tqXan/uqaU4jHbl+:mWqXo5nstt+eebHxx3ttn/taUubl+

Entry address:

0x1806C

Entry point:

48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 86, 01, 00, 00, 90, 90, 90, 90, 90, 90, 5C, 00, 44, 00, 65, 00, 76, 00, 69, 00, 63, 00, 65, 00, 5C, 00, 4B, 00, 73, 00, 65, 00, 63, 00, 44, 00, 44, 00, 00, 00, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 46, 61, 69, 6C, 65, 64, 20, 74, 6F, 20, 69, 6E, 69, 74, 69, 61, 6C, 69, 7A, 65, 0A, 00, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 54, 68, 65, 20, 64, 72, 69, 76, 65, 72, 20, 66... 
[+]

Entropy:

6.1556

Code size:

62 KB (63,488 bytes)

Driver

Display name:

KSecDD

Type:

Kernel device driver (KernelDriver)

Group:

Base

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.