ks.dll
- File Path:
C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\winxp\ks.dll
- Description: Kernel Streaming Debugger Extensions
Hashes
| Type |
Hash |
| MD5 |
4F3F2E781F3C1E6176D60DC0EA4235DC |
| SHA1 |
A7298458F92AB9FAE5E36D7EE2795FCE5CC17E86 |
| SHA256 |
4AD79D01640FB1061485CA04055DB12BA597841E8D2988393C435A4550E9E705 |
| SHA384 |
63D7DC67BD634582CA73B4E00E43F12EBE010CC8AB9F158F1264DCDA35E53735490910698455A49C0BB176343F573F21 |
| SHA512 |
0B1E795168FE4FD92249A219096DA055E1820450BFA03B95B6AC75E007D219CE7C9628CF25EF9FACD1CEC1303C768531BD201B5C4E45DD2F7270345437221DF5 |
| SSDEEP |
6144:VNWbW81XM9/lURkQRUgy+UKI3i6JVAs4rnpyDqqIygo+wm3FlyGhK8qehDQD:qRkQRk+1aiCJ4rp8Tg3wallB1Q |
| IMP |
97EE9ADCB6B3A003E285299F1AFCCE8F |
| PESHA1 |
53BE009C68198E11661EF0FAE2F49EFB670295F0 |
| PE256 |
DA3CF6A78B7D43ABE7A2E390D41F8947D602B9F7B45339A1E9F0F3F87D582825 |
DLL Exports:
| Function Name |
Ordinal |
Type |
help |
22 |
Exported Function |
kshelp |
23 |
Exported Function |
libexts |
24 |
Exported Function |
graph |
21 |
Exported Function |
ExtensionApiVersion |
2 |
Exported Function |
findlive |
19 |
Exported Function |
forcedump |
20 |
Exported Function |
objhdr |
25 |
Exported Function |
shdr |
30 |
Exported Function |
topology |
31 |
Exported Function |
WinDbgExtensionDllInit |
3 |
Exported Function |
pciks |
29 |
Exported Function |
ohdr |
26 |
Exported Function |
pchelp |
27 |
Exported Function |
pciaudio |
28 |
Exported Function |
eval |
18 |
Exported Function |
DebugExtensionNotify |
5 |
Exported Function |
DebugExtensionUninitialize |
6 |
Exported Function |
devhdr |
9 |
Exported Function |
DebugExtensionInitialize |
4 |
Exported Function |
allstreams |
7 |
Exported Function |
automation |
8 |
Exported Function |
CheckVersion |
1 |
Exported Function |
dhdr |
10 |
Exported Function |
dumpqueue |
15 |
Exported Function |
enumdevobj |
16 |
Exported Function |
enumdrvobj |
17 |
Exported Function |
dumplog |
14 |
Exported Function |
dump |
11 |
Exported Function |
dumpbag |
12 |
Exported Function |
dumpcircuit |
13 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
33000002CF6D2CC57CAA65A6D80000000002CF
- Thumbprint:
1A221B3B4FEF088B17BA6704FD088DF192D9E0EF
- Issuer: CN=Microsoft Code Signing PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: ks.dll
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: Unknown
MIT License. Copyright (c) 2020-2021 Strontic.