procdump.exe

ProcDump

VS Bld Lab

Publisher:
Sysinternals - www.sysinternals.com  (signed by VS Bld Lab)

Product:
ProcDump

Description:
Sysinternals process dump utility

Version:
5.0

MD5:
1e0110e4bfc8511476099efb5084aa67

SHA-1:
6d1f96e4d6efa015e1a0cdc847d9126038aa3dc5

SHA-256:
4f26ec949cd459e1faedbda56971824439e534e6215093858a94081f4736739f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 3:12:06 PM UTC

File size:
183.9 KB (188,280 bytes)

Product version:
5.0

Copyright:
Copyright (C) 2009-2012 Mark Russinovich

Original file name:
procdump

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:

Authority:
MSIT Test CodeSign CA 2

Valid from:
3/6/2012 5:01:20 PM

Valid to:
3/6/2013 5:01:20 PM

Subject:
CN=VS Bld Lab

Issuer:
CN=MSIT Test CodeSign CA 2, DC=redmond, DC=corp, DC=microsoft, DC=com

Serial number:
2A1C8D4E00020020BBB1

File PE Metadata
Compilation timestamp:
6/13/2012 2:00:18 PM

OS version:
6.2

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

CTPH (ssdeep):
3072:Zh2dyaYRmr2kLGs76gCE+lJQXSRX5HrNLySSywT/:Zh2oaYlUGsGxE+gI5HrNLXSx/

Entry address:
0xA151

Entry point:
E9, 00, 48, EB, 46, 06, F0, B5, FA, FF, F7, 65, FF, BD, E8, 00, 88, 00, 00, 2D, E9, 18, 48, 0D, F2, 08, 0B, 08, 4C, 20, 68, B0, F1, FF, 3F, 05, D0, 05, 4B, 1B, 68, 98, 47, 6F, F0, 00, 03, 23, 60, 03, F0, 7F, FD, BD, E8, 18, 88, FE, DE, 9C, 91, 41, 00, 48, 84, 42, 00, 03, B4, 2D, E9, 90, 48, 0D, F2, 08, 0B, 6F, 46, 04, 46, 3C, 61, 1F, 4B, E3, 65, 00, 23, A3, 60, 01, 23, 63, 61, 23, 67, 43, 23, A0, F8, CC, 30, A0, F8, D2, 31, 18, 4B, A3, 66, 0D, 20, 03, F0, 8D, FD, BF, F3, 5B, 8F, A2, 6E, 52, E8, 00, 1F, 01...
 

Entropy:
6.4581

Packer / compiler:
Xtreme-Protector v1.05

Code size:
94 KB (96,256 bytes)
