home

rspcrash32.sys

WhoCrashed

Daniel Terhell

Publisher:
Resplendence Software Projects Sp.  (signed by Daniel Terhell)

Product:
WhoCrashed

Description:
Resplendence WhoCrashed Crash Dump Test

Version:
4.00 built by: WinDDK

MD5:
91d494887df1b9bc307fb7bdc3dcc12d

SHA-1:
78a5103288576fea67cc694215590da7022d2843

SHA-256:
5c82a7edd98f43d642d8f4a5fd9f0149db6e6847a941686bab447b0c62cd901b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/10/2024 8:37:52 AM UTC  (today)

File size:
14.4 KB (14,752 bytes)

Product version:
4.00

Copyright:
Copyright (c)1997-2012 Resplendence Software Projects Sp.

Original file name:
rspCrash

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\whocrashed\rspcrash32.sys

Digital Signature
Signed by:
Daniel Terhell

Authority:
GlobalSign nv-sa

Valid from:
6/9/2011 10:09:11 AM

Valid to:
6/9/2014 8:24:16 AM

Subject:
CN=Daniel Terhell, C=IT

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000013074C60B42

File PE Metadata
Compilation timestamp:
11/5/2012 2:18:43 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
192:suPhEuXJpt77F8k/8Na2c3JOTbnJJqiGeuVe+PjP1BfzzSOsxxmRIeM0:sWhFpN132c3JO/nmtHPL1ZeYR3

Entry address:
0x40A6

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 72, D0, FF, FF, CC, CC, 14, 41, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B0, 41, 00, 00, 20, 20, 00, 00, F4, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 84, 42, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 4C, 42, 00, 00, 2E, 42, 00, 00, 12, 42, 00, 00, F6, 41, 00, 00, E0, 41, 00, 00, CA, 41, 00, 00, 70, 42, 00, 00, 00, 00, 00, 00, A2, 41, 00, 00, 8A, 41, 00, 00, 76, 41, 00, 00, 66, 41, 00, 00, 5A, 41...
 
[+]

Entropy:
6.2727

Code size:
3 KB (3,072 bytes)

Scan rspcrash32.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.