360procmon.sys

Qizhi Software (beijing) Co. Ltd

It runs as a Windows kernel mode device driver named “360procmon”.
Publisher:
Qizhi Software (beijing) Co. Ltd  (signed and verified)

Description:
360procmon

Version:
1, 0, 0, 1001

MD5:
4c3c4ec38daac9ad995088cb866a2d6d

SHA-1:
cfec17bed6799b22e43466abda65ddf23ec12ad6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 12:48:27 PM UTC  (today)

File size:
21.5 KB (21,976 bytes)

Product version:
1, 0, 0, 1001

Copyright:
版权所有 (C) 2006-2008 360.cn

Original file name:
360procmon.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Program Files\360\360safe\safemon\360procmon.sys

Digital Signature
Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
11/24/2006 8:00:00 AM

Valid to:
11/24/2008 7:59:59 AM

Subject:
CN=Qizhi Software (beijing) Co. Ltd, OU=Secure Application Development, O=Qizhi Software (beijing) Co. Ltd, L=Beijing, S=Beijing, C=CN

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
613BF885496412207ECB70ACFAC6755B

File PE Metadata
Compilation timestamp:
9/27/2008 9:19:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
6.0

Entry address:
0x180C

Entry point:
55, 8B, EC, 83, EC, 1C, 53, 56, 57, 8B, 3D, DC, 02, 01, 00, 8D, 45, F4, 33, DB, 68, 74, 17, 01, 00, 50, 89, 5D, FC, FF, D7, 8B, 75, 08, 8D, 45, FC, 50, 53, 53, 8D, 45, F4, 68, 00, 80, 00, 00, 50, 6A, 04, 56, FF, 15, 20, 03, 01, 00, 3B, C3, 89, 45, 08, 0F, 8C, B1, 00, 00, 00, 8D, 45, EC, 68, 9C, 17, 01, 00, 50, FF, D7, 8D, 45, F4, 50, 8D, 45, EC, 50, FF, 15, 1C, 03, 01, 00, 3B, C3, 89, 45, 08, 0F, 8C, 8D, 00, 00, 00, C7, 46, 38, 1A, 19, 01, 00, C7, 46, 40, 1A, 19, 01, 00, C7, 46, 70, 34, 19, 01, 00, C7, 46...
 

Entropy:
6.4729

Developed / compiled with:
Microsoft Visual C++

Code size:
7.4 KB (7,584 bytes)

Driver
Display name:
360procmon

Type:
Kernel device driver (KernelDriver)

