| filename | KernelInjetor (gamehack).sys | |
|---|---|---|
| size | 13952 (0x3680) | |
| md5 | 267d0a68043d4cfd8f18860f1c79bb2e | |
| type | PE32+ executable (native) x86-64, for MS Windows | |
| mimetype | application/x-dosexec | |
| clamav | OK | |
| virustotal | → scan with virustotal.com | |
| histogram | ||
MZ Header
| signature | MZ |
| bytes_in_last_block | 0x90 |
| blocks_in_file | 3 |
| num_relocs | 0 |
| header_paragraphs | 4 |
| min_extra_paragraphs | 0 |
| max_extra_paragraphs | 0xffff |
| ss | 0 |
| sp | 0xb8 |
| checksum | 0 |
| ip | 0 |
| cs | 0 |
| reloc_table_offset | 0x40 |
| overlay_number | 0 |
| reserved0 | 0 |
| oem_id | 0 |
| oem_info | 0 |
| reserved2 | 0 |
| reserved3 | 0 |
| reserved4 | 0 |
| reserved5 | 0 |
| reserved6 | 0 |
| lfanew | 0xe8 |
Rich Header
| lib id | version | times used |
|---|---|---|
| 136 | 30729 | 3 |
| 147 | 30729 | 2 |
| 257 | 27412 | 3 |
| 1 | 0 | 38 |
| 259 | 27412 | 3 |
| 260 | 27412 | 5 |
| 260 | 28806 | 4 |
| 258 | 28806 | 1 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Sections
Data Directory
Signers (1)
issuer: /CN=WDKTestCert ELB,132411561120381699
serial: 6BC63C67D698478346CEBB24B66A3E0B
Certificates (1)
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:c6:3c:67:d6:98:47:83:46:ce:bb:24:b6:6a:3e:0b
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=WDKTestCert ELB,132411561120381699
Validity
Not Before: Aug 6 02:55:13 2020 GMT
Not After : Aug 5 00:00:00 2030 GMT
Subject: CN=WDKTestCert ELB,132411561120381699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c5:40:a4:52:0e:0b:08:07:6d:61:5d:b7:e8:4c:
2e:3a:5e:c0:64:53:fb:ee:66:8c:22:4d:5d:19:95:
0b:4e:93:99:51:06:cc:fd:06:d8:21:e6:2f:f8:02:
67:36:a2:62:f0:56:a7:42:8a:02:b6:60:b3:d1:7e:
ae:34:ec:92:88:a0:2a:0b:74:e7:ca:70:b9:7b:5d:
80:f5:71:1a:6e:00:1f:01:0c:cb:25:42:44:ce:22:
1d:5b:64:2a:28:47:26:93:84:2a:4b:c5:4a:fc:ca:
ae:31:e9:4e:d7:20:2d:79:b8:26:ba:ef:b2:72:f4:
af:36:00:61:72:32:79:7f:35:97:44:ca:99:2d:6c:
c2:1d:97:29:a2:1d:7f:19:17:cf:af:f8:e1:c8:17:
1e:f0:a6:af:be:ab:28:53:89:8e:53:55:fc:49:01:
42:86:15:e7:ee:be:76:58:6b:d6:5c:7a:9e:2d:d4:
47:b5:fc:f4:68:66:ae:1d:c0:ef:c0:c4:01:f4:bf:
82:28:d5:a5:99:c7:bf:86:80:77:11:11:73:e5:af:
c9:45:48:87:eb:df:97:f4:7a:0b:a2:25:aa:7d:54:
0c:17:84:92:a2:00:ed:d8:f8:49:6e:a5:d1:fb:31:
5a:bb:30:f6:95:50:04:4b:ef:52:33:60:24:a3:b2:
b7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage:
Key Encipherment, Data Encipherment
X509v3 Extended Key Usage:
Code Signing
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
0c:d5:01:83:de:14:f8:02:82:14:c4:49:63:3f:50:aa:83:c3:
94:c0:67:f9:84:07:e5:1b:47:19:28:0a:84:53:31:29:8c:e9:
ab:f3:78:2e:f3:95:b7:79:e3:79:35:e3:4f:98:92:6c:c3:07:
d0:3f:f8:69:c4:30:4e:41:d4:e9:c6:98:a1:dc:ae:a0:b0:9c:
d0:9e:22:40:a4:b0:a3:92:43:3e:1b:de:31:90:63:d7:ba:3b:
62:bc:54:ac:85:e2:b5:24:e9:03:03:92:09:61:88:df:5b:77:
8a:a0:a4:da:45:5d:40:7a:a1:53:28:af:71:2e:1a:dd:e2:9a:
6a:38:03:b1:70:37:d7:fb:5a:7d:5b:17:0b:91:7e:a7:54:33:
6a:63:f5:7d:31:25:42:f8:a5:ea:cc:6a:ca:93:e1:b6:bb:82:
09:3a:0d:f4:c6:68:62:72:67:45:05:9d:fd:3c:66:c8:a4:9c:
c2:cd:22:62:a4:32:4a:4e:e4:0a:0f:48:7d:bf:a4:d8:41:bc:
f9:67:52:f4:c0:ed:76:90:35:88:0c:cb:b8:5f:04:d0:fc:6e:
29:e3:7c:29:64:25:7a:27:16:a3:f2:f2:11:5f:9c:94:db:84:
32:09:c8:5a:e1:9b:3e:18:c9:d8:2b:ce:6b:bd:fb:8e:ad:0c:
f7:37:48:d1
pkcs7-signedData
- 1
- SHA1: nil
- 1.3.6.1.4.1.311.2.1.4
- #0
- 1.3.6.1.4.1.311.2.1.15
a6 b5 86 d5 b4 a1 24 66 ae 05 a2 17 da 8e 60 d6 |......$f......`.|
- 1.3.6.1.4.1.311.2.3.1:
00 00 00 00 2b 5f 13 ce 92 16 e3 6c 57 1d 3b 68 |....+_.....lW.;h| c2 8a ae 8b e1 ff 7a d5 00 04 00 00 ba 65 50 52 |......z......ePR| 5b 12 d7 23 90 69 b3 6c 26 0b b7 d4 52 25 1b 88 |[..#.i.l&...R%..| 00 14 00 00 bb e9 4e aa 6a d9 68 53 f2 34 1e 90 |......N.j.hS.4..| 3e a4 ca 2a 93 0e 94 e6 00 1a 00 00 83 b4 62 f4 |>..*..........b.| 2e 42 fe 56 d4 c9 9c 4e 33 3c 0b a6 d2 13 4e 18 |.B.V...N3<....N.| 00 22 00 00 eb 1a f5 0e f4 23 58 3d e2 43 bd 49 |.".......#X=.C.I| 51 c3 30 52 f4 0d 33 6f 00 24 00 00 d8 90 56 f8 |Q.0R..3o.$....V.| 97 4c 78 d3 16 18 f9 ab cb 1b cf 9d ce ac 70 b0 |.Lx...........p.| 00 26 00 00 20 c6 c9 07 ca a5 23 08 a8 b8 d0 44 |.&.. .....#....D| 83 90 c1 7f 84 02 76 a7 00 2e 00 00 14 53 b1 18 |......v......S..| a7 9e 65 85 ea ec 5c 32 32 37 f0 d4 f3 88 a3 52 |..e...\227.....R| 00 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |.0..............| 00 00 00 00 00 00 00 00 |........ |
- 1.3.6.1.4.1.311.2.3.1:
- SHA1
85 c5 b3 93 c8 08 72 9c f1 4c b6 0b aa 72 97 d6 |......r..L...r..| 90 46 b9 f1 |.F.. |
- 1.3.6.1.4.1.311.2.1.15
- #0
- #2
- 2
- 6B:C6:3C:67:D6:98:47:83:46:CE:BB:24:B6:6A:3E:0B
- RSA-SHA1: nil
- CN: WDKTestCert ELB,132411561120381699
- 2020-08-06 02:55:13 UTC: 2030-08-05 00:00:00 UTC
- CN: WDKTestCert ELB,132411561120381699
- #5
- rsaEncryption: nil
- C5:40:A4:52:0E:0B:08:07:6D:61:5D:B7:E8:4C:2E:3A:
5E:C0:64:53:FB:EE:66:8C:22:4D:5D:19:95:0B:4E:93:
99:51:06:CC:FD:06:D8:21:E6:2F:F8:02:67:36:A2:62:
F0:56:A7:42:8A:02:B6:60:B3:D1:7E:AE:34:EC:92:88:
A0:2A:0B:74:E7:CA:70:B9:7B:5D:80:F5:71:1A:6E:00:
1F:01:0C:CB:25:42:44:CE:22:1D:5B:64:2A:28:47:26:
93:84:2A:4B:C5:4A:FC:CA:AE:31:E9:4E:D7:20:2D:79:
B8:26:BA:EF:B2:72:F4:AF:36:00:61:72:32:79:7F:35:
97:44:CA:99:2D:6C:C2:1D:97:29:A2:1D:7F:19:17:CF:
AF:F8:E1:C8:17:1E:F0:A6:AF:BE:AB:28:53:89:8E:53:
55:FC:49:01:42:86:15:E7:EE:BE:76:58:6B:D6:5C:7A:
9E:2D:D4:47:B5:FC:F4:68:66:AE:1D:C0:EF:C0:C4:01:
F4:BF:82:28:D5:A5:99:C7:BF:86:80:77:11:11:73:E5:
AF:C9:45:48:87:EB:DF:97:F4:7A:0B:A2:25:AA:7D:54:
0C:17:84:92:A2:00:ED:D8:F8:49:6E:A5:D1:FB:31:5A:
BB:30:F6:95:50:04:4B:EF:52:33:60:24:A3:B2:B7:19: 0x010001
- #6
- keyUsage: 0
- extendedKeyUsage: codeSigning
- RSA-SHA1:
0c d5 01 83 de 14 f8 02 82 14 c4 49 63 3f 50 aa |...........Ic?P.| 83 c3 94 c0 67 f9 84 07 e5 1b 47 19 28 0a 84 53 |....g.....G.(..S| 31 29 8c e9 ab f3 78 2e f3 95 b7 79 e3 79 35 e3 |1)....x....y.y5.| 4f 98 92 6c c3 07 d0 3f f8 69 c4 30 4e 41 d4 e9 |O..l...?.i.0NA..| c6 98 a1 dc ae a0 b0 9c d0 9e 22 40 a4 b0 a3 92 |.........."@....| 43 3e 1b de 31 90 63 d7 ba 3b 62 bc 54 ac 85 e2 |C>..1.c..;b.T...| b5 24 e9 03 03 92 09 61 88 df 5b 77 8a a0 a4 da |.$.....a..[w....| 45 5d 40 7a a1 53 28 af 71 2e 1a dd e2 9a 6a 38 |E]@z.S(.q.....j8| 03 b1 70 37 d7 fb 5a 7d 5b 17 0b 91 7e a7 54 33 |..p7..Z}[...~.T3| 6a 63 f5 7d 31 25 42 f8 a5 ea cc 6a ca 93 e1 b6 |jc.}1%B....j....| bb 82 09 3a 0d f4 c6 68 62 72 67 45 05 9d fd 3c |...:...hbrgE...<| 66 c8 a4 9c c2 cd 22 62 a4 32 4a 4e e4 0a 0f 48 |f....."b.2JN...H| 7d bf a4 d8 41 bc f9 67 52 f4 c0 ed 76 90 35 88 |}...A..gR...v.5.| 0c cb b8 5f 04 d0 fc 6e 29 e3 7c 29 64 25 7a 27 |..._...n).|)d%z'| 16 a3 f2 f2 11 5f 9c 94 db 84 32 09 c8 5a e1 9b |....._....2..Z..| 3e 18 c9 d8 2b ce 6b bd fb 8e ad 0c f7 37 48 d1 |>...+.k......7H.|
- 2
- 1
- #0
- CN: WDKTestCert ELB,132411561120381699
- 6B:C6:3C:67:D6:98:47:83:46:CE:BB:24:B6:6A:3E:0B
- SHA1: nil
- #2
- 1.3.6.1.4.1.311.2.1.12
- nil
- contentType: 1.3.6.1.4.1.311.2.1.4
- 1.3.6.1.4.1.311.2.1.11: msCodeInd
- messageDigest:
94 a9 49 b5 b9 27 e7 94 1f 1c d9 28 c6 d3 6f 64 |..I..'.....(..od| 09 a4 a3 a8 |.... |
- 1.3.6.1.4.1.311.2.1.12
- rsaEncryption:
1f 0a d7 d0 77 e8 ab 43 96 04 2d bc 5b 97 a7 23 |....w..C..-.[..#| 67 c5 11 7a 40 17 fe e6 dd 1e 77 97 5f 97 d4 e4 |g..z@.....w._...| c0 5f 32 55 a0 b3 2f ec 89 c0 06 6a 80 07 c1 a8 |._2U../....j....| ab 1f c8 5f b2 c2 5e 8e 0f 8f 05 87 a3 a6 64 38 |..._..^.......d8| ce d3 57 3b 31 fa 00 42 60 7f 64 70 d8 f9 6c 3b |..W;1..B`.dp..l;| 8a b9 5f d3 ce 74 f8 06 fa a4 86 f2 e5 74 dc 08 |.._..t.......t..| 5f e2 b8 d7 56 f3 f3 39 04 44 db 5c 4d 20 77 5c |_...V..9.D.\M w\| 30 55 da 73 9b d2 70 6f c7 e2 9d b4 86 ba 9c bb |0U.s..po........| b6 6b 2f 2a 4e 97 15 80 12 1e 23 73 ef 8e 49 19 |.k/*N.....#s..I.| b8 8a ef 7f 23 1d 14 45 e3 fa 3a 9b 4d 53 2f 84 |....#..E..:.MS/.| fa 04 7f 05 c4 c1 51 68 19 06 32 9d de 0f 66 ca |......Qh..2...f.| f5 a9 59 30 40 8d ff a2 dd 16 d5 d3 4d 62 98 62 |..Y0@.......Mb.b| ef a8 2b 77 ac 02 61 11 77 c0 3c 9e 42 17 57 62 |..+w..a.w.<.B.Wb| 07 a0 4f a6 82 c1 da 95 b4 13 33 16 7f 41 a3 bd |..O.......3..A..| ba 01 b9 9f 4b 66 71 aa d6 b9 8c 9f 21 b0 61 63 |....Kfq.....!.ac| fc 80 a5 2e df e0 87 ce c6 52 bb fe 5c 71 cb 70 |.........R..\q.p|
- #0
 |
| Please donate some bucks to keep this site up and running: | |
| Ko-fi | |
|---|---|
| Yandex.Money | |
| Thank you! | |
everything is OK