home

procexp64.exe

Process Explorer

Sysinternals

Publisher:
Sysinternals  (signed and verified)

Product:
Process Explorer

Description:
Sysinternals Process Explorer

Version:
9.21

MD5:
1986b1a1f9339e0093e85ccfbe25259e

SHA-1:
2d1959956fed1d850ee9854dedd2ccffcf3d628a

SHA-256:
bee3c419c6453c40e17118896be81a9b7d6069b9d5b863974ca556e5726e4d4a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 6:40:40 AM UTC  (today)

File size:
753.5 KB (771,600 bytes)

Product version:
9.21

Copyright:
Copyright © 1998-2005 Mark Russinovich

Original file name:
Procexp.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Digital Signature
Signed by:
Sysinternals

Authority:
VeriSign, Inc.

Valid from:
1/28/2005 1:00:00 AM

Valid to:
1/29/2006 12:59:59 AM

Subject:
CN=Sysinternals, OU=Headquarters, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Sysinternals, L=Austin, S=Texas, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2FF3A153897505B5AA4AC3367E4309C7

File PE Metadata
Compilation timestamp:
8/17/2005 4:41:20 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:YTaLYhW7hL+fsLYRcrxyihW8x2CJw30YT:Y4hL0sDr4iQ8x2CM3

Entry address:
0x59AF0

Entry point:
48, 81, EC, C8, 00, 00, 00, 48, 89, 9C, 24, C0, 00, 00, 00, 48, 89, BC, 24, B8, 00, 00, 00, 48, 8D, 4C, 24, 40, FF, 15, 7E, CE, 08, 00, 90, FF, 15, 5F, CF, 08, 00, 48, 8B, C8, 41, B8, 94, 00, 00, 00, 33, D2, FF, 15, 56, CF, 08, 00, 48, 8B, D8, 48, 85, C0, 75, 2C, 83, 3D, 1F, 34, 08, 00, 01, 75, 05, E8, 50, 08, 00, 00, B9, 12, 00, 00, 00, E8, D6, 05, 00, 00, B9, FF, 00, 00, 00, E8, AC, 02, 00, 00, B8, FF, 00, 00, 00, E9, 2C, 02, 00, 00, C7, 00, 94, 00, 00, 00, 48, 8B, C8, FF, 15, 2B, CE, 08, 00, 85, C0, 75...
 
[+]

Entropy:
5.4820

Code size:
501.5 KB (513,536 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.