home

nvlddmkm.sys

NVIDIA Windows Kernel Mode Driver, Version 347.52

Edgard Roberto Viera

It runs as a Windows 64-bit kernel mode device driver named “nvlddmkm”.
Publisher:
NVIDIA Corporation  (signed by Edgard Roberto Viera)

Product:
NVIDIA Windows Kernel Mode Driver, Version 347.52

Version:
9.18.13.4752

MD5:
68a398ac44878e5b90fb45a52f410685

SHA-1:
8861c464af0d4b74076f7d8ae02e597bb4aba539

SHA-256:
6ade35f403831f851f897845ca58da1849f4f9d4811ffca262095e2c6be2f771

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 1:13:50 AM UTC  (today)

File size:
9.8 MB (10,281,056 bytes)

Product version:
9.18.13.4752

Copyright:
(C) 2015 NVIDIA Corporation. All rights reserved.

Original file name:
nvlddmkm.sys

File type:
Driver (Win64 SYS)

Common path:
C:\Windows\System32\drivers\nvlddmkm.sys

Digital Signature
Signed by:
Edgard Roberto Viera

Authority:
GlobalSign nv-sa

Valid from:
6/26/2012 12:51:29 AM

Valid to:
6/27/2013 12:51:29 AM

Subject:
CN=Edgard Roberto Viera, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121C44616E3C635CF293F8BE9DCAB685E6B

File PE Metadata
Compilation timestamp:
2/6/2015 3:01:37 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
98304:z30AzA7oL8EZinElZMuX5MnxbLlY/nqji3ZACx/p7gKNrgI8Y5:zo7oLGQZvXKVCPnAk/OKNrH

Entry address:
0x9E9000

Entry point:
48, 89, 5C, 24, 10, 55, 56, 57, 41, 54, 41, 55, 41, 56, 41, 57, 48, 8D, AC, 24, B0, FD, FF, FF, 48, 81, EC, 50, 03, 00, 00, 4C, 8B, F1, 4C, 8B, FA, 45, 33, E4, 48, 8D, 0D, 11, 19, C9, FF, 33, D2, 41, B8, C0, E2, 02, 00, 4C, 89, 64, 24, 30, 4C, 89, 64, 24, 38, E8, BA, 6B, B0, FF, 4C, 8D, 05, 43, 40, C9, FF, 48, 8D, 15, 38, 40, C9, FF, 48, 8D, 0D, 2D, 40, C9, FF, 45, 33, C9, 4C, 89, 35, DB, 18, C9, FF, FF, 15, 9D, 15, B2, FF, 83, 0D, 86, 19, C9, FF, FF, 41, 8D, 74, 24, 01, BF, 1C, 01, 00, 00, 48, 8D, 0D, 25...
 
[+]

Entropy:
6.5483

Code size:
6.4 MB (6,762,496 bytes)

Driver
Display name:
nvlddmkm

Type:
Kernel device driver (KernelDriver)

Group:
Video


Scan nvlddmkm.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.