home

vs941e22.028

coreinfo

Sysinternals

Publisher:
Sysinternals - www.sysinternals.com  (signed by Sysinternals)

Product:
coreinfo

Description:
Dump information on CPU cores, NUMA nodes, sockets, groups and caches

Version:
2.00

MD5:
1d76a6bd487979560b7182147f2d5b71

SHA-1:
de3e6c59b39a753cf15e33cc7b048c61f94a4730

SHA-256:
d2eca4b1bb25c65353c8ad32cc425befbc72042093591a369beb62f4b64d6594

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 12:06:07 AM UTC  (today)

File size:
1.8 MB (1,915,768 bytes)

Product version:
2.00

Copyright:
Copyright (C) 2008-2009 Mark Russinovich

Original file name:
coreinfo

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\hc_attk\vs941e22.028

Digital Signature
Signed by:
Sysinternals

Authority:
VeriSign, Inc.

Valid from:
3/5/2007 1:00:00 AM

Valid to:
4/20/2010 1:59:59 AM

Subject:
CN=Sysinternals, OU=Headquarters, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Sysinternals, L=Austin, S=Texas, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7D2C89D309E57BEEF2D791BB8ED6A26F

File PE Metadata
Compilation timestamp:
10/2/2009 7:50:59 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
12288:sXwZ6hNnwMxJoxXwZUJNnwMxKoMXwZxgN78TzinIwZDQ+80LZjIwZD5T78TbTgIq:AwZxNwZPnwZPwZJGwZOwZ9NGmUFG

Entry address:
0x442C

Entry point:
48, 83, EC, 28, E8, 47, 61, 00, 00, 48, 83, C4, 28, E9, 56, FE, FF, FF, CC, CC, 48, 89, 4C, 24, 08, 48, 81, EC, 88, 00, 00, 00, 48, 8D, 0D, 8D, 03, 01, 00, FF, 15, 0F, 8D, 00, 00, 4C, 8B, 1D, 78, 04, 01, 00, 4C, 89, 5C, 24, 58, 45, 33, C0, 48, 8D, 54, 24, 60, 48, 8B, 4C, 24, 58, E8, 6B, 85, 00, 00, 48, 89, 44, 24, 50, 48, 83, 7C, 24, 50, 00, 74, 41, 48, C7, 44, 24, 38, 00, 00, 00, 00, 48, 8D, 44, 24, 48, 48, 89, 44, 24, 30, 48, 8D, 44, 24, 40, 48, 89, 44, 24, 28, 48, 8D, 05, 38, 03, 01, 00, 48, 89, 44, 24...
 
[+]

Entropy:
5.6990

Code size:
47.5 KB (48,640 bytes)

Scan vs941e22.028 - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.