» guardxkickoff_x64.exe
Overview
Analysis
File Details
Behaviors (1)

guardxkickoff_x64.exe

GuardX

IKARUS Security Software GmbH

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘IKARUS-GuardX’.

File name:

Publisher:

IKARUS Security Software GmbH (signed and verified)

Product:

GuardX

Description:

GuardX KickOff Trayicon

Version:

2.3.123

MD5:

e37f73ba476349e2f53b10967a39ceb6

SHA-1:

b45c301cc2992e0b1adae443636e3e9b3fcc04c2

SHA-256:

04e075479c3082fb917dabdb4442664518bd7fad536d7f34c049a5b8d16428fe

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 7:05:38 AM UTC (today)

File size:

3.1 MB (3,284,776 bytes)

Product version:

2.4.008

Original file name:

guardxkickoff.exe

File type:

Executable application (Win64 EXE)

Language:

English (United States)

Common path:

C:\Program Files\atlantis\antivirus\bin\guardxkickoff_x64.exe

Digital Signature

Signed by:

IKARUS Security Software GmbH

Authority:

StartCom Ltd.

Valid from:

8/13/2012 7:06:12 PM

Valid to:

8/15/2014 8:25:56 PM

Subject:

E=support@ikarus.at, CN=IKARUS Security Software GmbH, O=IKARUS Security Software GmbH, L=Wien, S=Wien, C=AT, Description=QgrbF2jp00Tp0hOn

Issuer:

CN=StartCom Class 3 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:

06F1

File PE Metadata

Compilation timestamp:

9/26/2013 6:11:44 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

49152:wSCJXvBPyX9GAoQWgAuUqW/u3hirN/GWmwJLrE2H2Ys0cp88ZamM8pBfun:wthkUwUqW/u3hI56ppjg

Entry address:

0x1A4E48

Entry point:

48, 83, EC, 28, E8, 2B, E9, 00, 00, 48, 83, C4, 28, E9, 52, FE, FF, FF, CC, CC, 48, 8B, C4, 48, 89, 48, 08, 48, 89, 50, 10, 4C, 89, 40, 18, 4C, 89, 48, 20, 53, 57, 48, 83, EC, 28, 33, C0, 48, 85, C9, 0F, 95, C0, 85, C0, 75, 15, E8, 6E, 1C, 00, 00, C7, 00, 16, 00, 00, 00, E8, B7, 58, 00, 00, 83, C8, FF, EB, 6A, 48, 8D, 7C, 24, 48, E8, 90, E9, 00, 00, 48, 8D, 50, 30, B9, 01, 00, 00, 00, E8, F6, EA, 00, 00, 90, E8, 7C, E9, 00, 00, 48, 8D, 48, 30, E8, 87, EB, 00, 00, 8B, D8, E8, 6C, E9, 00, 00, 4C, 8B, CF, 45... 
[+]

Code size:

1.8 MB (1,908,736 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

IKARUS-GuardX

Command:

C:\Program Files\atlantis\antivirus\bin\guardxkickoff_x64.exe

Scan guardxkickoff_x64.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.