home

kernelbase.dll

Операционная система Microsoft Windows

Microsoft Corporation

It is included with the Windows 7 OS. The file has been seen being downloaded from de.originaldll.com.
Publisher:
Microsoft Corporation

Product:
Операционная система Microsoft® Windows®

Description:
Библиотека клиента Windows NT BASE API

 
Part of the Windows 7 Operating System

Version:
6.1.7600.16385 (win7_rtm.090713-1255)

MD5:
6b5174702343bd955e174fdfefa2a1a3

SHA-1:
67fdbb196dccaaf520208f2cff23b584139d20e9

SHA-256:
54a2e26972acba6aa808cbe5eea0fb2d5b8f560d8285c569078c27649311fb6a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/15/2024 7:13:48 PM UTC  (today)

File size:
412 KB (421,888 bytes)

Product version:
6.1.7600.16385

Copyright:
© Корпорация Майкрософт. Все права защищены.

Original file name:
Kernelbase

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\Windows\System32\kernelbase.dll

File PE Metadata
Compilation timestamp:
7/16/2011 9:27:24 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
12288:psXdlq1n+nfr6Es0KuZxpSLCGMhbcNHJTAKy0:pkdlGWfzs0zxeMhIJTAK

Entry address:
0x2770

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 0F, 84, 62, E3, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, EB, 07, 90, 90, 90, 90, 90, 90, 90, 48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 81, EC, 80, 02, 00, 00, 48, 8B, 05, 47, F8, 05, 00, 48, 33, C4, 48, 89, 84, 24, 70, 02, 00, 00, 65, 48, 8B, 04, 25, 30, 00, 00, 00, 48, 8B, F1, B3, 01, 48, 8B, 78, 60, 85, D2, 0F, 84, 1C, 83, 00, 00, 83, EA...
 
[+]

Code size:
292.5 KB (299,520 bytes)

The file kernelbase.dll has been seen being distributed by the following URL.

http://de.originaldll.com/.../9274.dll

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.