home

fgstnetworksniffersvc.exe

Falcongaze SecureTower

Software Security Systems ChTUP

It runs as a separate (within the context of its own process) windows Service named “FalconGaze SecureTower Interception Server”.
Publisher:
Software Security Systems ChTUP  (signed and verified)

Product:
Falcongaze SecureTower

Version:
5.7.343.0

MD5:
e161e65a53b4404009917c2ae22f01ee

SHA-1:
e5bee30ab8624c666cbc873e62ed55ccb56643be

SHA-256:
700551859b4e68529f18d9f6ac6c24fbe59934ae6a7ee2d6b1ce101a1fcbcf05

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 9:33:50 PM UTC  (today)

File size:
1.4 MB (1,421,280 bytes)

Product version:
5.7.343.0

Copyright:
Copyright (C) 2015 Falcongaze

Original file name:
Falcongaze SecureTower

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\falcongaze securetower\interception server\fgstnetworksniffersvc.exe

Digital Signature
Signed by:
Software Security Systems ChTUP

Authority:
VeriSign, Inc.

Valid from:
2/20/2013 8:00:00 AM

Valid to:
2/21/2016 7:59:59 AM

Subject:
CN=Software Security Systems ChTUP, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Software Security Systems ChTUP, L=MINSK, S=MINSK, C=BY

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
19C8F9B0EC18A3A3D8F5016080F29DC4

File PE Metadata
Compilation timestamp:
11/11/2015 11:02:50 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
12.0

CTPH (ssdeep):
24576:st1Lpiccn6Y+W/LEwLoTQIwPpIpWkt51DwBXilnQrcwkVWC+IURmYMMwWhJAyzbq:stLicDuE2oTQIOpIpPt51Dwi

Entry address:
0x856EC

Entry point:
48, 83, EC, 28, E8, D7, 18, 01, 00, 48, 83, C4, 28, E9, 42, FE, FF, FF, CC, CC, 4C, 8B, DC, 4D, 89, 43, 18, 4D, 89, 4B, 20, 48, 83, EC, 38, 49, 8D, 43, 20, 45, 33, C9, 49, 89, 43, E8, E8, 35, E5, FF, FF, 48, 83, C4, 38, C3, E9, 5B, 05, 00, 00, CC, CC, CC, 40, 53, 48, 83, EC, 20, 33, DB, 4D, 85, C9, 75, 0E, 48, 85, C9, 75, 0E, 48, 85, D2, 75, 20, 33, C0, EB, 2F, 48, 85, C9, 74, 17, 48, 85, D2, 74, 12, 4D, 85, C9, 75, 05, 66, 89, 19, EB, E8, 4D, 85, C0, 75, 1C, 66, 89, 19, E8, 00, 01, 00, 00, BB, 16, 00, 00...
 
[+]

Entropy:
6.1804

Code size:
893 KB (914,432 bytes)

Service
Display name:
FalconGaze SecureTower Interception Server

Service name:
FgStNetworkSnifferSvc

Description:
The service intercepts traffic from network adapters and saves it to the database.

Type:
Win32OwnProcess


Scan fgstnetworksniffersvc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.