procmond.sys

Barracuda Network Access Client

Barracuda Networks AG

It runs as a Windows 64-bit kernel mode device driver named “Barracuda Process Monitor”.
Publisher:
Barracuda Networks, Inc.  (signed by Barracuda Networks AG)

Product:
Barracuda Network Access Client

Description:
Barracuda Process Monitor

Version:
4.0.0.12 built by: WinDDK

MD5:
55671cfa25c422a0727457d397611cc4

SHA-1:
30e0e78f8f6e5642c956a3bec4bf33ad6d6aee67

SHA-256:
0b21545a39cd45f34c6d1d5f53336dfc9d8f0817737376cd5966fca28bee5718

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
7/12/2025 6:33:56 PM UTC  (today)

File size:
17.7 KB (18,160 bytes)

Product version:
4.0.0.12

Copyright:
Copyright (C) Barracuda Networks, Inc.

Original file name:
procmond.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\procmond.sys

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
12/11/2012 7:00:00 PM

Valid to:
1/8/2015 6:59:59 PM

Subject:
CN=Barracuda Networks AG, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Barracuda Networks AG, L=Innsbruck, S=Tyrol, C=AT

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3AD51EE1CB9A75DD249060217908DFD2

File PE Metadata
Compilation timestamp:
4/15/2014 3:32:18 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
384:KTCXd05lAU0r/FvbMM7DnYPLQa6j/leMx4:6I+nAUGmeDym4

Entry address:
0x6064

Entry point:
48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 9E, AF, FF, FF, CC, CC, B0, 60, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 7E, 63, 00, 00, 00, 30, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 70, 61, 00, 00, 00, 00, 00, 00, 84, 61, 00, 00, 00, 00, 00, 00, 94, 61, 00, 00, 00, 00, 00, 00, AC, 61, 00, 00, 00, 00, 00, 00, C4, 61, 00, 00, 00, 00, 00, 00, E0, 61, 00, 00, 00, 00, 00, 00, 00, 62, 00, 00...
 
[+]

Entropy:
6.5697

Code size:
5.5 KB (5,632 bytes)

Driver
Display name:
Barracuda Process Monitor

Service name:
ProcMonD

Type:
Kernel device driver (KernelDriver)


Scan procmond.sys - Powered by Reason Core Security