How to remove kprocesshacker.sys2
kprocesshacker.sys2
The module kprocesshacker.sys2 has been detected as Hack.Gen
File Details
Product Name:
Company Name:
MD5: 1b5c3c458e31bede55145d0644e88d75
Size: 44 KB
First Published: 2018-03-26 16:04:39 (6 years ago)
Latest Published: 2020-12-16 18:29:10 (4 years ago)
Status: Hack.Gen (on last analysis)
Analysis Date: 2020-12-16 18:29:10 (4 years ago)
Overview
%desktop%
%programfiles%
%profile%\downloads\processhacker-2.39-bin.zip
%sysdrive%
%desktop%\00000\processhacker-2.39-bin
%sysdrive%\911\911\processhacker-2.39-bin
%mydoc%\pcwservicecenter2018\pcwservicecenter_2018\tools\processhacker
%sysdrive%\portableapps.com\portableapps\processhackerportable\app\processhacker
%desktop%\processhacker-2.39
%sysdrive%\datos\backup portatil\temp\nueva carpeta\malware\process_hacker_2_39
kprocesshacker.sys
kprocesshacker.sys2
Windows 10: 66.1%
Windows 7: 25.3%
Windows 8.1: 5.3%
Windows Server 2012 R2: 1.0%
Windows Server 2008 R2: 0.7%
Windows 8: 0.7%
Windows Server 2016: 0.3%
Windows XP: 0.3%
Windows Server 2003: 0.1%
Windows Server 2012: 0.1%
Windows Embedded 8.1: 0.1%
Windows Embedded Standard: 0.1%
Analysis
Subsystem: Native
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000000010000
Entry Address: 0x00009064
| Name | Size of data | MD5 |
|---|---|---|
| .text | 4096 | 1c7d5a6358141f5c07d5ca761ef4f9f4 |
| .rdata | 2560 | de6cb6f9cc1ebb47a29d4aff33ef6a49 |
| .data | 512 | 7317536adabcbb03e62558da080699bb |
| .pdata | 1024 | f9075aadeb8fcf89c2fec495d5827b74 |
| PAGE | 14336 | cb7ccf063067997d8df8934ebdfa70fa |
| INIT | 3072 | d74f6efce0190a27390cf236c50f4a42 |
| .rsrc | 1024 | 3fbafe8a1e36c36b13c256a607fa4664 |