ntkrnlpa.exe

Besturingssysteem Microsoft Windows

Microsoft Corporation

Scan ntkrnlpa.exe - Powered by Reason Core Security
Publisher:
Microsoft Corporation

Product:
Besturingssysteem Microsoft® Windows®

Description:
NT-kernel & -systeem

Version:
5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)

MD5:
6dcc1ce955f33ec4c0ce271bfa5d3310

SHA-1:
f8cb6ba4101eb79d157e9af64e8d97e445cd43ae

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/8/2016 3:20:19 AM UTC  (today)

File size:
1.9 MB (2,028,544 bytes)

Product version:
5.1.2600.5755

Copyright:
© Microsoft Corporation. Alle rechten voorbehouden.

Original file name:
ntkrpamp.exe

File type:
Executable application (Win32 EXE)

Language:
Ducth (Netherlands)

Common path:
C:\Windows\System32\ntkrnlpa.exe

File PE Metadata
Compilation timestamp:
2/6/2009 11:32:51 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
24576:LdPgHxwzZ5eDoO0aeCrkuCWHzmBbf4CgQk+/n9e0a77tr4a2VKU2Obji2MnQgHKH:6wPB0ycCt5//aiKUdHiu3+W1Bvr+Qj

Entry address:
0x1CAC08

Entry point:
55, 8B, EC, 83, EC, 20, 8B, 5D, 08, 89, 1D, 5C, EA, 47, 00, 0F, B6, 0D, 60, EA, 47, 00, 89, 4D, E8, 0B, C9, 75, 19, C7, 43, 24, 60, 4E, 48, 00, C7, 43, 18, 00, A7, 47, 00, 6A, 30, 0F, A1, 64, 88, 0D, 30, 01, 00, 00, 8B, 43, 24, 89, 45, E0, 8B, 43, 18, 89, 45, E4, E8, 37, 0C, 00, 00, 80, 7D, E8, 00, 0F, 85, 9F, 01, 00, 00, E8, 06, 33, EA, FF, 89, 7D, FC, 89, 75, F8, 89, 55, F4, 89, 45, F0, 8D, 4F, 28, C6, 41, 05, 89, 51, FF, 75, F4, E8, 36, 12, 00, 00, FF, 75, F4, E8, EE, F6, E5, FF, 66, B9, 28, 00, 0F, 00...
 
[+]

Entropy:
6.5980

Developed / compiled with:
Microsoft Visual C++

Code size:
1.6 MB (1,715,712 bytes)

Scan ntkrnlpa.exe - Powered by Reason Core Security