KernelDumpDecrypt.exe
- File Path:
C:\Program Files (x86)\Windows Kits\10\Debuggers\arm64\KernelDumpDecrypt.exe
- Description: Windows Kernel Dump File Decryptor
Hashes
Type | Hash |
---|---|
MD5 | C8A3B58BAD61DDC4515766A1E0C5BCAD |
SHA1 | 972EA895BF8C1A8676033FC8671E261B2C4A1DB6 |
SHA256 | 8F700AAFC0571ABF32B1B60A2477EAF9101246352AD526B7353B1920B49C8D3C |
SHA384 | 4615E019137E46E25600308299741223198E1AE355134F25B01CD9EFF5D3A093E87AEDA9786942447A33A2391C2C456C |
SHA512 | ABBD90D8FBC0675085F9284D4F82B821E5AC7A03E86DBF177DD27C8FC1A2BEB964608BC570B1854B35531ACC91537523269DD92DEB21B87E72706DFE657FE735 |
SSDEEP | 384:4F8s5X4khUry/kWtnv32aQXmom2f0cte91YrNmjSWoXW59JlvCz8rgQ:aYy/jn+aQXmuzAiricqrgQ |
IMP | 5CB5F28410D9C191B1BB6D8B343687CB |
PESHA1 | 9E581455C830876A81A62AB64CB30664C3540339 |
PE256 | 0795CBD744826323532CAE428212735C0A95ECBCCB7D12B4E19DA9196FF61E15 |
Signature
- Status: Signature verified.
- Serial:
33000002B7E8E007A82AEF13150000000002B7
- Thumbprint:
5A68625F1A516670A744F7EF919500A479D32A5B
- Issuer: CN=Microsoft Code Signing PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows Kits Publisher, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
File Metadata
- Original Filename: KernelDumpDecrypt.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit ARM
File Scan
- VirusTotal Detections: Unknown
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.