home

PxHlpa64.sys

PxHlpa64

Corel Corporation

It runs as a Windows 64-bit kernel mode device driver named “PxHlpa64”.
Publisher:
Corel Corporation  (signed and verified)

Product:
PxHlpa64

Description:
Px Engine Device Driver for 64-bit (x86-64) Windows

Version:
3.01.17.0

MD5:
48292bc57156caea602e008f33aae37d

SHA-1:
81bbc9b1d1da5d0082adb1ca902cce3db5556171

SHA-256:
f1f456dce1dcf813847e08285cfba6a0a972066d0b39b0a602ccec17776f874e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 1:49:52 AM UTC  (today)

File size:
63.5 KB (64,984 bytes)

Copyright:
Copyright © Corel Corporation or its subsidiaries. All rights reserved.

Original file name:
PxHlpa64.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\pxhlpa64.sys

Digital Signature
Signed by:
Corel Corporation

Authority:
Symantec Corporation

Valid from:
6/8/2015 8:00:00 PM

Valid to:
6/8/2018 7:59:59 PM

Subject:
CN=Corel Corporation, O=Corel Corporation, L=Ottawa, S=Ontario, C=CA, SERIALNUMBER=4345908, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=CA

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
1288731D8BAF2FEB621F5D1E800ABC10

File PE Metadata
Compilation timestamp:
11/17/2015 10:40:16 PM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
12.0

CTPH (ssdeep):
1536:9hHXM27xbCP5pZcxrBsuCia3lieOAbg+1t0:9lM2tbCG4li8lieOAE+s

Entry address:
0x7714

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 48, 89, 7C, 24, 18, 55, 48, 8B, EC, 48, 83, EC, 60, 33, C0, 33, F6, 48, 8B, D9, 48, 89, 0D, 0F, 52, 00, 00, 48, 8D, 0D, F8, 51, 00, 00, 48, 8B, FA, 66, 89, 75, E0, 48, 89, 45, E2, 89, 45, EA, 66, 89, 45, EE, 66, 89, 75, F0, 48, 89, 45, F2, 89, 45, FA, 66, 89, 45, FE, 48, 89, 35, D8, 51, 00, 00, FF, 15, DA, 39, 00, 00, 48, 8B, 05, 7B, 3A, 00, 00, 39, 30, 0F, 85, 4D, 01, 00, 00, 48, 8D, 15, D4, 3E, 00, 00, 48, 8D, 4D, E0, FF, 15, 72, 38, 00, 00, 48, 8D, 05, AB, 51, 00...
 
[+]

Entropy:
6.6163

Code size:
39 KB (39,936 bytes)

Driver
Display name:
PxHlpa64

Type:
Kernel device driver (KernelDriver)

Group:
Filter


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.