home

qkbfiltr.sys

Keyboard HotKey Filter Driver

TestCertforWDK

It runs as a Windows kernel mode device driver named “Keyboard Filter Driver”.
Publisher:
KM Software Team  (signed by TestCertforWDK)

Product:
Keyboard HotKey Filter Driver

Description:
Keyboard HotKey Filter Driver

Version:
3, 0, 8, 14

MD5:
229f043c90aa2fe2763385ae67f3e27c

SHA-1:
631b920d8fe2d7abbf81682b9e9b6cb512fea47e

SHA-256:
9a8ad486b2a9615a973f85dc3fc0cde2a9d15751c2a185c8622c6375829a7683

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/29/2024 2:42:25 PM UTC  (today)

File size:
34.5 KB (35,280 bytes)

Product version:
3, 0, 8, 14

Copyright:
Copyright (C) 2003-2009, KM Software Team. All rights reserved.

Original file name:
qkbfiltr.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\qkbfiltr.sys

Digital Signature
Signed by:
TestCertforWDK

Authority:
TestCertforWDK

Valid from:
10/2/2009 8:14:29 PM

Valid to:
1/1/2040 8:59:59 AM

Subject:
CN=TestCertforWDK

Issuer:
CN=TestCertforWDK

Serial number:
8B586C091B4B2EBF43A308EF3DC1F103

File PE Metadata
Compilation timestamp:
10/1/2009 3:55:33 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
768:bS8SKAf5H8f5PukrCLArV5kSnsKb1tKRp2ij4c+:bSLKAf5H+NdwARfsAfKRpja

Entry address:
0x723E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, CA, F5, FF, FF, CC, CC, C0, 72, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 0C, 7B, 00, 00, 34, 3F, 00, 00, 8C, 72, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 1A, 7B, 00, 00, 00, 3F, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, FE, 73, 00, 00, C0, 7A, 00, 00, 28, 74, 00, 00, AC, 7A, 00, 00, 98, 7A, 00, 00, 82, 79, 00, 00, 54, 79, 00, 00, 42, 79, 00, 00, D4, 7A, 00, 00, 4A, 76, 00, 00, E0, 74, 00, 00, 28, 75, 00, 00, 00, 00...
 
[+]

Entropy:
6.3501

Code size:
26 KB (26,624 bytes)

Driver
Display name:
Keyboard Filter Driver

Service name:
qkbfiltr

Type:
Kernel device driver (KernelDriver)

Group:
Keyboard Port


Scan qkbfiltr.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.