home

xkpsm.sys

Windows 2000 DDK driver

Jiransoft Co., Ltd.

It runs as a Windows kernel mode device driver named “PROCESS MONITOR DRIVER XKPSM”.
Publisher:
Windows (R) 2000 DDK provider  (signed by Jiransoft Co., Ltd.)

Product:
Windows (R) 2000 DDK driver

Description:
xkpsm for Window NT/2K DProcess

Version:
5.00.2195.6717

MD5:
77e74b59a5a5846e89682b5c6bbe44fd

SHA-1:
2cd5520fc997857b4ee8b4ffe1375ba54e1c1605

SHA-256:
b0a814ab517c5f1c7147ec80839d4663a7b9ad66274e2c3827477129a8214a4f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 8:47:47 PM UTC  (today)

File size:
9.7 KB (9,920 bytes)

Product version:
5.00.2195.6717

Copyright:
Copyright (C) Microsoft Corp. 1981-1999

Original file name:
xkpsm.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\xkpsm.sys

Digital Signature
Signed by:
Jiransoft Co., Ltd.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
3/29/2010 9:00:00 AM

Valid to:
5/28/2012 8:59:59 AM

Subject:
CN="Jiransoft Co., Ltd.", O="Jiransoft Co., Ltd.", L=Gangnam-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
4500A6DF76514260D830DADB083D86F9

File PE Metadata
Compilation timestamp:
2/13/2007 12:32:07 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
192:4mJZh/nmtBriO5R2BCT657RaEyncjWOeyowJL/uV/l:4mpnmtBri0sQcOnNYJLq

Entry address:
0xA85

Entry point:
A1, 00, 0A, 01, 00, 85, C0, B9, 4E, E6, 40, BB, 74, 04, 3B, C1, 75, 19, A1, 3C, 09, 01, 00, 8B, 00, 35, 00, 0A, 01, 00, A3, 00, 0A, 01, 00, 75, 06, 89, 0D, 00, 0A, 01, 00, E9, 35, FD, FF, FF, CC, CC, CC, 00, 0B, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 8A, 0C, 00, 00, 0C, 09, 00, 00, F4, 0A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, C4, 0C, 00, 00, 00, 09, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 98, 0C, 00, 00, AE, 0C, 00, 00, 00, 00, 00, 00, 7C, 0B, 00, 00, 94...
 
[+]

Entropy:
6.3294

Code size:
1.8 KB (1,792 bytes)

Driver
Display name:
PROCESS MONITOR DRIVER XKPSM

Service name:
xkpsm

Type:
Kernel device driver (KernelDriver)


Scan xkpsm.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.