» HIDKMDF.SYS
Overview
Analysis
File Details

HIDKMDF.SYS

Windows Win 7 DDK driver

Benzle, Inc.

File name:

HIDKMDF.SYS

Publisher:

Windows (R) Win 7 DDK provider (signed by Benzle, Inc.)

Product:

Windows (R) Win 7 DDK driver

Description:

Filter Driver for HID-KMDF Interface

Version:

6.1.7600.16385 built by: WinDDK

MD5:

2ed86712aa730f3f852386c7874942e1

SHA-1:

54f477e83cb54874d9e7a72f11dcc5c61a13715f

SHA-256:

1ae90846bcf237d6665e1e8c7cb106edd8a522e0130aef8d7b2a7f9d9c133946

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/5/2024 6:30:40 PM UTC (today)

File size:

16.7 KB (17,056 bytes)

Product version:

6.1.7600.16385

Original file name:

HIDKMDF.SYS

File type:

Driver (Win64 SYS)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\hidkmdf.sys

Digital Signature

Signed by:

Benzle, Inc.

Authority:

DigiCert Inc

Valid from:

11/5/2012 12:00:00 AM

Valid to:

1/7/2016 12:00:00 PM

Subject:

CN="Benzle, Inc.", O="Benzle, Inc.", L=Taipei, C=TW

Issuer:

CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

04399B506B610540DBEDDDB1E4C30C4A

File PE Metadata

Compilation timestamp:

3/17/2015 5:30:36 AM

OS version:

6.1

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

192:yJ7ZmN9l0HNb/oCqpQA9jdZubh6LWwsUJljcbGAPZZ3xN5BdxK6CYGTYBp:k7ZM0Hl8pQgZZosiVZZv/K6jGT6p

Entry address:

0x611C

Entry point:

48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, CE, FE, FF, FF, CC, CC, 88, 61, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F6, 61, 00, 00, 10, 20, 00, 00, 78, 61, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 1C, 62, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 62, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E6, 61, 00, 00, 00, 00, 00, 00, D6, 61, 00, 00, 00, 00, 00, 00, C6, 61, 00, 00... 
[+]

Entropy:

5.7830

Code size:

3.5 KB (3,584 bytes)

Scan HIDKMDF.SYS - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.