» fgcf101kb.sys
Overview
Analysis
File Details
Behaviors (1)

fgcf101kb.sys

Fortres TLM

Fortres Grand Corporation

It runs as a Windows kernel mode device driver named “FGCF101KB”.

File name:

fgcf101kb.sys

Publisher:

Fortres Grand Corp. (signed by Fortres Grand Corporation)

Product:

Fortres TLM

Description:

fgctlmkb.sys

Version:

4, 0, 362, 1

MD5:

f088670c9b4324d161e53e58020964b5

SHA-1:

e79d7fa41aa84d0aa97a2284425e59030d1d2d82

SHA-256:

a9c8953293e852c16b5ba580ed8a354d3ecfe2b71aa1503ae1147fe4dab500aa

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/20/2024 2:57:18 AM UTC (today)

File size:

22.7 KB (23,240 bytes)

Product version:

4, 0, 362, 1

Original file name:

fgctlmkb.Sys

File type:

Driver (Win32 SYS)

Language:

English (United States)

Common path:

C:\Windows\System32\drivers\fgcf101kb.sys

Digital Signature

Signed by:

Fortres Grand Corporation

Authority:

GlobalSign nv-sa

Valid from:

3/19/2010 9:47:44 AM

Valid to:

3/19/2013 9:47:39 AM

Subject:

E=trust@fortresgrand.com, CN=Fortres Grand Corporation, O=Fortres Grand Corporation, L=Plymouth, S=IN, C=US

Issuer:

CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:

0100000000012776E5F367

File PE Metadata

Compilation timestamp:

11/20/2012 11:54:28 AM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

9.0

Entry address:

0x614D

Entry point:

8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, A9, FE, FF, FF, CC, 5C, 00, 44, 00, 6F, 00, 73, 00, 44, 00, 65, 00, 76, 00, 69, 00, 63, 00, 65, 00, 73, 00, 5C, 00, 46, 00, 47, 00, 43, 00, 46, 00, 31, 00, 30, 00, 31, 00, 4B, 00, 42, 00, 00, 00, 5C, 00, 44, 00, 65, 00, 76, 00, 69, 00, 63, 00, 65, 00, 5C, 00, 46, 00, 47, 00, 43, 00, 46, 00, 31, 00, 30, 00, 31, 00, 4B, 00, 42, 00, 00, 00, CC, CC, D8, 61, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, FA, 63, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.3676

Code size:

10.5 KB (10,752 bytes)

Driver

Display name:

FGCF101KB

Description:

FGC Keyboard Filter Driver

Type:

Kernel device driver (KernelDriver)

Scan fgcf101kb.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.