ntoskrnl.exe

Besturingssysteem Microsoft Windows

Microsoft Corporation

Scan ntoskrnl.exe - Powered by Reason Core Security
Publisher:
Microsoft Corporation

Product:
Besturingssysteem Microsoft® Windows®

Description:
NT-kernel & -systeem

Version:
5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)

MD5:
aac6bb111b1aceafcd3d3ad569ba3dd3

SHA-1:
f1691ab759fe1efeef8f5b07f01ccd4f0f9e6025

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/8/2016 9:20:36 PM UTC  (today)

File size:
2.1 MB (2,149,888 bytes)

Product version:
5.1.2600.5755

Copyright:
© Microsoft Corporation. Alle rechten voorbehouden.

Original file name:
ntkrnlmp.exe

File type:
Executable application (Win32 EXE)

Language:
Ducth (Netherlands)

Common path:
C:\Windows\System32\ntoskrnl.exe

File PE Metadata
Compilation timestamp:
2/6/2009 12:06:29 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
24576:a2ezaWWj8CBwgwJM4LqrpJGT/CuPNErvR9oLvvbIeAR1LslxrHXHj5T5jGGqH6sB:m9C6O7Doly1Ylt5T5jDgXm/PymSHVYE

Entry address:
0x1EAABF

Entry point:
55, 8B, EC, 83, EC, 20, 8B, 5D, 08, 89, 1D, 5C, 4A, 48, 00, 0F, B6, 0D, 60, 4A, 48, 00, 89, 4D, E8, 0B, C9, 75, 19, C7, 43, 24, C0, AC, 48, 00, C7, 43, 18, 00, 07, 48, 00, 6A, 30, 0F, A1, 64, 88, 0D, 30, 01, 00, 00, 8B, 43, 24, 89, 45, E0, 8B, 43, 18, 89, 45, E4, E8, FB, 32, FF, FF, 80, 7D, E8, 00, 0F, 85, 9F, 01, 00, 00, E8, 2D, 9B, E1, FF, 89, 7D, FC, 89, 75, F8, 89, 55, F4, 89, 45, F0, 8D, 4F, 28, C6, 41, 05, 89, 51, FF, 75, F4, E8, 21, 33, FF, FF, FF, 75, F4, E8, B4, F2, E4, FF, 66, B9, 28, 00, 0F, 00...
 
[+]

Entropy:
6.6311

Developed / compiled with:
Microsoft Visual C++

Code size:
1.8 MB (1,861,120 bytes)

Scan ntoskrnl.exe - Powered by Reason Core Security