Information about phymem.sys

phymem.sys

File Details

MD5: af76eca167ee7a22581b69919f34090e
Size: 25 KB
First Published: 2017-11-02 00:02:57 (8 years ago)
Latest Published: 2021-11-16 21:19:00 (3 years ago)
Status: Undefined (on last analysis)
Analysis Date: 2021-11-16 21:19:00 (3 years ago)

Overview

Signed By: Zawawa Software LLC
Status: Valid

Common Places:

%localappdata%\temp
%commonappdata%
%commonappdata%
%appdata%\nhm2\bin
%appdata%\nhm2\bin
%appdata%\nhm2\bin
%appdata%\nhm2\bin
%appdata%\nhm2\bin
%appdata%\nhm2\bin
%appdata%\nhm2\bin

Geography:

14.3%
11.9%
9.5%
9.5%
7.1%
4.8%
4.8%
4.8%
4.8%
2.4%
2.4%
2.4%
2.4%
2.4%
2.4%
2.4%
2.4%
2.4%
2.4%
2.4%
2.4%

OS Version:

Windows 10 81.0%
Windows 7 16.7%
Windows 8.1 2.4%

Analysis

Subsystem: Native
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x000017b0

PE Sections:

Name Size of data MD5
.text 3584 a0a71297a5bd5c385bb393b8b4601035
.rdata 1024 3aa3ad0c1295199d34afac644b5572bd
.data 512 f821ddd62d677bc255549bd86447b440
.pdata 512 4be7550b67c6510ffe434fc9b6c4cec5
INIT 1024 412d70519d363aa263650a264a11f2d9
.reloc 512 592b800629a8be78cca47e675649f4bf

More information:

Search on Virustotal
copyright for information about phymem.sys