home

procdefender.sys

ProcessDefender

Kazakevich Aleh

Publisher:
Kazakevich Aleh  (signed and verified)

Product:
ProcessDefender

Description:
ProcessDefender Kernel Driver (64-bit).

Version:
1.0.0.0

MD5:
d717bc3d987b4c77b15ff37b269a3ccb

SHA-1:
0fca4e2e65a645b6b05c4068fdccc01d760cf824

SHA-256:
95656cb57f25be80a99ce00f00631a4748fb386f5d4b3c0cf73df4119e3b3d6b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 3:05:57 PM UTC  (today)

File size:
30.2 KB (30,896 bytes)

Product version:
1.0.0.0

Copyright:
Copyright (c) Kazakevich Aleh, 2013-2014. All Rights Reserved.

Original file name:
procdefender

File type:
Driver (Win64 SYS)

Digital Signature
Signed by:
Kazakevich Aleh

Authority:
GlobalSign nv-sa

Valid from:
5/13/2013 4:39:56 PM

Valid to:
8/13/2016 4:39:56 PM

Subject:
CN=Kazakevich Aleh, C=BY

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121AFED727328D8A70A94B143238F42CDE0

File PE Metadata
Compilation timestamp:
11/28/2014 9:27:12 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
768:wBv3HfEtBH4cTthBQcUoXV1wcDrHk4cCRL:wVHfeBy2XPrHk4/L

Entry address:
0x8064

Entry point:
48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 0E, 97, FF, FF, CC, CC, B0, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, EE, 83, 00, 00, 00, 30, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 38, 82, 00, 00, 00, 00, 00, 00, 48, 82, 00, 00, 00, 00, 00, 00, 58, 82, 00, 00, 00, 00, 00, 00, 70, 82, 00, 00, 00, 00, 00, 00, 86, 82, 00, 00, 00, 00, 00, 00, 9C, 82, 00, 00, 00, 00, 00, 00, B4, 82, 00, 00...
 
[+]

Code size:
16 KB (16,384 bytes)

Scan procdefender.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.