Reason Labs

kernel32.dll

Windows NT BASE API Client DLL

Microsoft Corporation

The kernel32 library is a protected OS file that is responsible for handling core memory management, input/output operations, process and thread creation as well as exposes the to applications a majority of the Win32 APIs. It is installed with Windows 7 as a General Distribution Release (GDR) as part of a Hotfix.
Publisher:
Microsoft Corporation

Product:
Microsoft® Windows® Operating System

Description:
Windows NT BASE API Client DLL

 
Part of the Windows 7 (with Service Pack 1) Operating System

Version:
6.1.7601.18015 (win7sp1_gdr.121129-1432)

MD5:
ac0b6f41882fc6ed186962d770ebf1d2

SHA-1:
f9ac70c562ba70dd7917e99b00ed6878531de66f

SHA-256:
21cc2473fee7a102488d29114d91522381d6e7232d7be54dcd92075db535aff3

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/25/2019 8:49:56 AM UTC  (today)

File size:
1.1 MB (1,114,112 bytes)

Product version:
6.1.7601.18015

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
kernel32

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\windows\syswow64\kernel32.dll

File PE Metadata
Compilation timestamp:
11/29/2012 11:56:41 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
24576:92PEQWsHunfuKH8CBlcODV3iNXm5lnVI:UPEQBHuXH8W/V3iWK

Entry address:
0x132B3

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 0F, 84, 48, 33, 00, 00, 5D, EB, 33, 90, 90, 90, 90, 90, 8B, FF, 55, 8B, EC, 8B, 45, 0C, 56, 33, F6, 2B, C6, 0F, 84, 23, 48, 00, 00, 48, 0F, 84, D4, 36, 00, 00, 48, 48, 0F, 84, 0A, 27, 00, 00, B0, 01, 5E, 5D, C2, 0C, 00, 90, 90, 90, 90, 90, 8B, FF, 55, 8B, EC, 81, EC, 38, 04, 00, 00, A1, AC, 03, E4, 7D, 33, C5, 89, 45, FC, 8B, 45, 10, 89, 85, E0, FB, FF, FF, 64, A1, 18, 00, 00, 00, 53, 56, 8B, 70, 30, 8B, 86, D4, 01, 00, 00, A3, 4C, 00, E4, 7D, 8B, 46, 10, 89, 85, D0, FB...
 
[+]

Entropy:
5.6728

Code size:
832 KB (851,968 bytes)

Clean
kernelbase.dll  (90b069cbc93c701394b47d4e830cdd7d384f5d5c)

Clean
ntdll.dll  (3a2bae6036ff2d23309a7b93ab562494c50df236)

Clean
shlwapi.dll  (0ba38e91bf0e9d554e8dfea0ed6ea1214f9952a3)

Clean
gdi32.dll  (6a20fe18619dc46e379c42f12ed761749053cbf9)

Clean
user32.dll  (8b997b38e179cd03c0a2e87bddbc1ebca39a8630)

Clean
advapi32.dll  (453d4c3bf4a489433b593420a37bbffb7749875a)

Clean
msvcrt.dll  (df2756c114ca2d3b2b16d459a93f285924a55202)

Clean
sechost.dll  (2ae4ea1e2f2248a86f0dd25a1cbf828b5496fa79)

Clean
rpcrt4.dll  (0a2886a248c8d157ba89f4d5296a0b30f1a6424c)

Clean
sspicli.dll  (fda5de62a80510b1e02dae814cd6caa0a8fa035f)

Clean
cryptbase.dll  (d5fefb6b6ab0591f28d878b2d05e301ddc7957ab)

Clean
lpk.dll  (769bd7c18f82272b110f3bad913b28b0f7401d09)

Clean
userenv.dll  (83d1722a35eb16b010d8c9f72c627e97d4642101)

Clean
PROFAPI.DLL  (263e8fbf77c0ceead0c9bca56394bffa4a664361)

Clean
VERSION.DLL  (a4f845318e095d841b05e1400747ee4c28e1f28e)

Clean
winmm.dll  (c53e005cd04d99331ce3114ac119256133202313)

Download Reason Core Security - Powerful anti-malware software