ntoskrnl_patched.exe

NT Kernel & System

Microsoft Corporation

Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft® Windows® Operating System

Description:
NT Kernel & System

Version:
6.4.9841.0 (fbl_release.140912-1613)

MD5:
905a177eb5fc0fe6ace3a1db3e58a5af

SHA-1:
93e291f9f045e1747c31649d7595ae13e55369ee

SHA-256:
3fc05640ed65e4332366eb4b8d14d50d91cab1293630c5686c71c794f212cebc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
12/28/2024 4:32:10 AM UTC  (today)

File size:
7.1 MB (7,428,560 bytes)

Product version:
6.4.9841.0

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
ntkrnlmp.exe

File type:
Executable application (Win64 EXE)

Digital Signature
Authority:
Microsoft Corporation

Valid from:
8/4/2014 11:33:34 PM

Valid to:
4/30/2015 11:33:34 PM

Subject:
CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Windows PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
33000001364C4ED9674670DA3B000000000136

File PE Metadata
Compilation timestamp:
9/13/2014 7:19:10 AM

OS version:
6.4

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
12.10

CTPH (ssdeep):
98304:aeGA0DgO63Lwx6UAnTJKJMyit7lWJYF2FopPmfhLs:auK163LK1AVKJ9itxWGF8oZKhLs

Entry address:
0x39E010

Entry point:
48, 83, EC, 38, 4C, 89, 7C, 24, 30, 4C, 8B, FC, 48, 89, 0D, C5, 58, FE, FF, 48, 8B, 51, 68, 48, 8D, 05, 52, A1, F8, FF, 48, 85, D2, 48, 0F, 44, D0, 48, 89, 51, 68, 4C, 8B, D2, 48, 81, EA, 80, 01, 00, 00, 48, 89, 52, 18, 4C, 89, 52, 20, 41, 0F, 20, C0, 4C, 89, 82, C0, 01, 00, 00, 41, 0F, 20, D0, 4C, 89, 82, C8, 01, 00, 00, 41, 0F, 20, D8, 4C, 89, 82, D0, 01, 00, 00, 41, 0F, 20, E0, 4C, 89, 82, D8, 01, 00, 00, 0F, 01, 82, 16, 02, 00, 00, 4C, 8B, 82, 18, 02, 00, 00, 4C, 89, 02, 0F, 01, 8A, 26, 02, 00, 00, 4C...
 
[+]

Code size:
6 MB (6,262,272 bytes)