» ggm_sguard.sys
Overview
Analysis
File Details
Behaviors (1)

ggm_sguard.sys

kwangkaetosystem

It runs as a Windows 64-bit kernel mode device driver named “ggm_sguard.sys”.

File name:

ggm_sguard.sys

Publisher:

kwangkaetosystem (signed and verified)

MD5:

315581a6fc9a4d427c27e80ef8cad20c

SHA-1:

02b6fdbfa36effc48eab962d7cec2c602ce1bc5e

SHA-256:

8be8b83b6e78f74d78733adb69bfef21ce4a49940a6d209f64d70a1d047b93e7

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 7:30:36 AM UTC (today)

File size:

10.1 KB (10,376 bytes)

File type:

Driver (Win64 SYS)

Common path:

C:\Program Files\ggalggmi\ggm_sguard.sys

Digital Signature

Signed by:

kwangkaetosystem

Authority:

Thawte, Inc.

Valid from:

3/28/2013 9:00:00 AM

Valid to:

3/29/2014 8:59:59 AM

Subject:

CN=kwangkaetosystem, OU=Dev Team, O=kwangkaetosystem, L=Haeundae-gu, S=Busan, C=KR

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

135C17232FEFBA203C5244A66793A0FD

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

192:ptoTM7yG8nQuJ8Tyou7+wse+PjPPz78DvUe2x:/5yDnguSPLn8Dxm

Driver

Display name:

ggm_sguard.sys

Type:

Kernel device driver (KernelDriver)

Scan ggm_sguard.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.