home

GIDI.exe

GuardedID

StrikeForce Technologies

Publisher:
StrikeForce Technologies Inc.  (signed by StrikeForce Technologies)

Product:
GuardedID

Description:
GIDI Application

Version:
2, 0, 0, 36

MD5:
f3b92a8859b859e222a248d3bc89d7b8

SHA-1:
5173982bf2d7295ee00e60f7be0129c9339ca9d8

SHA-256:
4f7b69b92e201bf5c47a1846ab95b65c6af389f8931406e5bec1ae629a15a33c

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 12:13:48 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V0105
7.2.339

File size:
258 KB (264,184 bytes)

Product version:
2, 0, 0, 0

Copyright:
Copyright (C) 2008

Trademarks:
StrikeForceTechnologies Inc

Original file name:
GIDI.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\gidi.exe

Digital Signature
Signed by:
StrikeForce Technologies

Authority:
GlobalSign nv-sa

Valid from:
8/13/2008 12:24:13 PM

Valid to:
8/13/2009 12:24:13 PM

Subject:
E=noc@sftnj.com, CN=StrikeForce Technologies, O=StrikeForce Technologies, C=US

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000011BBCE1B55C

File PE Metadata
Compilation timestamp:
2/18/2009 6:00:29 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:uqiIab6+4qfLREQqEbZONrhubtBm7Vq5bsVfaa5cTKfmuBD0hSIl8dk28bU:9TqzRXqEbwh4ROVascaWtul0JlJU

Entry address:
0xC9E1

Entry point:
E8, D5, 6B, 00, 00, E9, 17, FE, FF, FF, E9, BF, F7, FF, FF, 51, C7, 01, 1C, 20, 42, 00, E8, 53, 6C, 00, 00, 59, C3, 56, 8B, F1, E8, EA, FF, FF, FF, F6, 44, 24, 08, 01, 74, 07, 56, E8, D8, FF, FF, FF, 59, 8B, C6, 5E, C2, 04, 00, 8B, 44, 24, 04, 83, C1, 09, 51, 83, C0, 09, 50, E8, 95, 6C, 00, 00, F7, D8, 59, 1B, C0, 59, 40, C2, 04, 00, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 20, 20, 42, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 85, C0, 5F, 89, 45, FC, 5E, 74, 0C, F6, 00, 08, 74, 07...
 
[+]

Entropy:
6.7532

Code size:
128 KB (131,072 bytes)

Scan GIDI.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.