kdnet.exe
- File Path:
C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\kdnet.exe
- Description: Net debugging configuration tool
Hashes
| Type |
Hash |
| MD5 |
06906FBC21BFC19615A182CCB356794E |
| SHA1 |
5ADCE7DE29CB8560450176FC8D7DCDC1F10BD82B |
| SHA256 |
0DB5A4DCB3BE5ABE889B94A976C203B303CBB189C4DED0C97BE7B81BD1569EBC |
| SHA384 |
72527D479C8AB0C26998840DC2B77F1E5683ED3140211CCBFA081DF10F1130CD95F9E1FEF9D0A3AB56575B2AA24A145C |
| SHA512 |
D22D6961AA457C7E90F7063F9CBF0E3862F7F29F4ECFD7C5FB95C6686BCD37EFF23759FF21012DBE2A1858B4753DC7BE80705406C166BD430D73B31C28A53E55 |
| SSDEEP |
768:49ghuT6KCEY0rPY10TQ7wc1CPJYJlrdXpGbJ5S+mQKar7UvI+3o4tAKGdV5:ggoCEY0rQyRs35W5IQKAIvI+3ZVGd |
| IMP |
5697E1DEEEC21ACCCAA8B1AE2CBE0EC6 |
| PESHA1 |
AD9C25A847BE2E8CCC4E5F3CBCF127C24A2C2CB8 |
| PE256 |
AD57848D21FF448B8314055700F3FF6ED108EF7393086B0A541C03259D7E4940 |
Runtime Data
Usage (stdout):
kdnet.exe [debug_host] [debug_port]
[debug_host] is the name of the host machine running the debugger.
[debug_port] is the network port to use for debugging this machine.
kdnet.exe /xml
kdnet.exe /busparams [debug_device] [debug_host] [debug_port]
[debug_device] is the busparams of the debug Device to configure.
[debug_host] is the name of the host machine running the debugger.
[debug_port] is the network port to use for debugging this machine.
When run without parameters, kdnet.exe identifies the NICs and USB3
controllers which support network debugging. When run with parameters
kdnet.exe enables network debugging using the specified information.
If [debug_port] is not specified then it will be set to a default
value of 5364.
Child Processes:
conhost.exe
Open Handles:
| Path |
Type |
| (RW-) C:\Users\user |
File |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 |
Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
Loaded Modules:
| Path |
| C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\kdnet.exe |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
33000002CF6D2CC57CAA65A6D80000000002CF
- Thumbprint:
1A221B3B4FEF088B17BA6704FD088DF192D9E0EF
- Issuer: CN=Microsoft Code Signing PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: kdnet.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/75
- VirusTotal Link: https://www.virustotal.com/gui/file/0db5a4dcb3be5abe889b94a976c203b303cbb189c4ded0c97be7b81bd1569ebc/detection
MIT License. Copyright (c) 2020-2021 Strontic.