ProcessHacker.exe

Process Hacker

Wen Jia Liu

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Process Hacker 2’.
Publisher:
wj32  (signed by Wen Jia Liu)

Product:
Process Hacker

Version:
2.39.0.124

MD5:
b365af317ae730a67c936f21432b9c71

SHA-1:
fb1972adda8ae864fa88ebcc1c69f90b875fcb5d

SHA-256:
bd2c2cf0631d881ed382817afcce2b093f4e412ffb170a719e2762f250abfea4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/16/2024 7:39:23 PM UTC  (today)

File size:
1.6 MB (1,719,840 bytes)

Product version:
2.39.0.124

Copyright:
Licensed under the GNU GPL, v3.

Original file name:
ProcessHacker.exe

File type:
Executable application (Win64 EXE)

Language:
English (Australia)

Common path:
C:\Program Files\process hacker 2\processhacker.exe

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
10/30/2013 1:00:00 AM

Valid to:
1/4/2017 1:00:00 PM

Subject:
CN=Wen Jia Liu, O=Wen Jia Liu, L=Sydney, S=New South Wales, C=AU

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0FF1EF66BD621C65B74B4DE41425717F

File PE Metadata
Compilation timestamp:
3/29/2016 3:34:01 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
14.0

Entry address:
0xE2EFC

Entry point:
48, 83, EC, 28, E8, B3, 02, 00, 00, 48, 83, C4, 28, E9, 72, FE, FF, FF, CC, CC, 48, 83, EC, 28, E8, 3B, 08, 00, 00, 85, C0, 74, 21, 65, 48, 8B, 04, 25, 30, 00, 00, 00, 48, 8B, 48, 08, EB, 05, 48, 3B, C8, 74, 14, 33, C0, F0, 48, 0F, B1, 0D, 2C, 58, 07, 00, 75, EE, 32, C0, 48, 83, C4, 28, C3, B0, 01, EB, F7, CC, CC, CC, 40, 53, 48, 83, EC, 20, 0F, B6, 05, 47, 58, 07, 00, 85, C9, BB, 01, 00, 00, 00, 0F, 44, C3, 88, 05, 37, 58, 07, 00, E8, 22, 06, 00, 00, E8, D1, 13, 00, 00, 84, C0, 75, 04, 32, C0, EB, 14, E8...
 
[+]

Code size:
1023.5 KB (1,048,064 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Process Hacker 2

Command:
"C:\Program Files\process hacker 2\processhacker.exe" -hide


Scan ProcessHacker.exe - Powered by Reason Core Security