» HookCentre.sys
Overview
Analysis
File Details
Behaviors (1)

HookCentre.sys

G DATA Software AG

It runs as a Windows kernel mode device driver named “HookCentre”.

File name:

HookCentre.sys

Publisher:

G DATA Software AG (signed and verified)

Description:

Security Hook

Version:

2.02

MD5:

eab74ab5ea9dcd848cb3744b888fa4c6

SHA-1:

a475e335a99d787c30da6df943172ef9fa79f91c

SHA-256:

8290ada6c47028930c1d1a6108469b542fab3212944fa06eab8ef9cad5914502

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

12/26/2024 12:57:21 AM UTC (today)

File size:

34.5 KB (35,376 bytes)

Product version:

2.02

Original file name:

HookCentre.sys

File type:

Driver (Win32 SYS)

Language:

English (United States)

Common path:

C:\Windows\System32\drivers\hookcentre.sys

Digital Signature

Signed by:

G DATA Software AG

Authority:

GlobalSign nv-sa

Valid from:

12/6/2006 9:18:30 PM

Valid to:

12/6/2007 9:18:30 PM

Subject:

E=sign@gdata.de, CN=G DATA Software AG, O=G DATA Software AG, C=DE

Issuer:

CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:

0100000000010F5873A0CE

File PE Metadata

Compilation timestamp:

12/7/2006 4:40:04 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

6.0

Entry address:

0x5778

Entry point:

83, EC, 28, 56, E8, AF, EE, FF, FF, 8B, F0, 25, 00, 00, 00, C0, 3D, 00, 00, 00, C0, 75, 0E, E8, F2, EE, FF, FF, 8B, C6, 5E, 83, C4, 28, C2, 08, 00, 6A, 40, 68, 19, 00, 02, 00, 6A, 00, 6A, 00, 68, 60, 57, 01, 00, 6A, 02, 8D, 4C, 24, 30, E8, 46, F4, FF, FF, 6A, 40, 68, 19, 00, 02, 00, 6A, 00, 6A, 00, 68, 6C, 57, 01, 00, 6A, 01, 8D, 4C, 24, 1C, E8, 2B, F4, FF, FF, 8B, 44, 24, 20, 85, C0, 7C, 09, C6, 05, 70, 4A, 01, 00, 00, EB, 0F, 8B, 44, 24, 0C, 85, C0, 0F, 9D, C1, 88, 0D, 70, 4A, 01, 00, 8B, 54, 24, 34, 8B... 
[+]

Entropy:

6.7290

Code size:

22.9 KB (23,424 bytes)

Driver

Display name:

HookCentre

Type:

Kernel device driver (KernelDriver)

Scan HookCentre.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.