
Summary

Analyse score

2/13

2 antivirus vendors flagged this file as malicious

Signature

Signed file, invalid signature

Last scanned

First submission

File type

dll


Basic properties

CRC32

0x67dbe67d

MD5

bd6cdc948edc60b6616acd6177fb6e9a

Magic

PE32+ executable (native) x86-64, for MS Windows

SHA1

9fc30f7d43e245f735e10f8d32b8343a034b8459

SHA256

92ae79a8da319e90bcc02cefc39e2c20e3bac8784507da2a297532fcd9e775c1

SHA512

bb618166ae2fa0a1fa2b598aafd490999338ba0f7860ca91544ea0ded602c2cb2e83bd778f5fdd5ff1c622b95d1073af6ca0f513928d1dbecefd5d0e25d01879

SSDeep

768:ZkCOeM2Yg5KY6VgQqdzfVJdf/aEB2zBdZpNL/Kg589z1hEn:n4n68B7L/Rn

Size

44.15KB

TLSH

40134a42c7551cc6eebbce3965e89627ff30b8428730c2eb1215c0159f62be2a978356

Packer
  • PE+(64): compiler: Microsoft Visual C/C++(2008 SP1)[-]
  • PE+(64): linker: Microsoft Linker(9.0)[Driver64,signed]
TrID
  • 56.5% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 11.0% (.ICL) Windows Icons Library (generic) (2059/9)
  • 10.9% (.EXE) OS/2 Executable (generic) (2029/13)
  • 10.7% (.EXE) Generic Win/DOS Executable (2002/3)
  • 10.7% (.EXE) DOS Executable Generic (2000/1)
Tags

ExifTool File Metadata

CharacterSet

Windows, Latin1

CodeSize

21.00KB

CompanyName

wj32

EntryPoint

0x9064

ExifToolVersionNumber

12.96

FileDescription

KArocessHacker

FileFlags

(none)

FileFlagsMask

0x003f

FileOs

Win32

FileSize

45 kB

FileSubtype

7

FileType

Win64 EXE

FileTypeExtension

exe

FileVersion

3.0

FileVersionNumber

3.0.0.0

ImageFileCharacteristics

Executable, Large address aware

ImageVersion

6.1

InitializedDataSize

5.50KB

LanguageCode

English (U.S.)

LegalCopyright

Licensed under the GNU GPL, v3.

LinkerVersion

9.0

MachineType

AMD AMD64

MimeType

application/octet-stream

ObjectFileType

Driver

OriginalFileName

kArocessHacker.sys

OsVersion

6.1

PeType

PE32+

ProductName

KArocessHacker

ProductVersion

3.0

ProductVersionNumber

3.0.0.0

Subsystem

Native

SubsystemVersion

6.1

UninitializedDataSize

0

Submissions

Published Name Source Country
92ae79a8da319e90bcc02cefc39e2c20e3bac8784507da2a297532fcd9e775c1 web
N/A