home

IceKore.sys

CryptoMill Trust Boundary Manager

CryptoMill Technologies Ltd

It runs as a Windows file system device driver named “IceKore”.
Publisher:
CryptoMill Technologies Inc.  (signed by CryptoMill Technologies Ltd)

Product:
CryptoMill Trust Boundary Manager

Description:
IceKore Filter Driver

Version:
8.2.12.16354 built by: WinDDK

MD5:
a37c29853be795da49600df8e5fbf66f

SHA-1:
52a4a8313163bddaa8d4895742b7329aebf15c9b

SHA-256:
54590c416c21278d83c965d4e9d8dfd59c86217d1af1712fafd3cb0bf9517795

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 9:56:42 PM UTC  (today)

File size:
297.5 KB (304,600 bytes)

Product version:
8.2.12.16354

Copyright:
© CryptoMill Technologies Inc. All rights reserved.

Original file name:
IceKore.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\icekore.sys

Digital Signature
Signed by:
CryptoMill Technologies Ltd

Authority:
VeriSign, Inc.

Valid from:
7/7/2013 7:00:00 PM

Valid to:
8/7/2014 6:59:59 PM

Subject:
CN=CryptoMill Technologies Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=CryptoMill Technologies Ltd, L=Toronto, S=Ontario, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4484C1B7B3587CA73CC11DDBE0AC0136

File PE Metadata
Compilation timestamp:
8/18/2013 11:15:51 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
6144:JKxhbVsIQZp2EcMcJJ9yU9WMoTbiN+1fF+nGYmi:c/6IQL3y+UsMoaU+Gfi

Entry address:
0x4803E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 6E, 93, FB, FF, CC, CC, 44, 81, 04, 00, 00, 00, 00, 00, 00, 00, 00, 00, 2A, 86, 04, 00, A4, 00, 04, 00, 2C, 81, 04, 00, 00, 00, 00, 00, 00, 00, 00, 00, C4, 86, 04, 00, 8C, 00, 04, 00, A0, 80, 04, 00, 00, 00, 00, 00, 00, 00, 00, 00, FA, 89, 04, 00, 00, 00, 04, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, DE, 87, 04, 00, E0, 89, 04, 00, C6, 89, 04, 00, A2, 89, 04, 00, 8E, 89, 04, 00, 76, 89, 04, 00, 5C, 89, 04, 00, 4A, 89...
 
[+]

Entropy:
6.7440

Code size:
256 KB (262,144 bytes)

Driver
Display name:
IceKore

Description:
IceKore Filter Driver

Type:
File system 'filter' driver (FileSystemDriver)

Group:
FSFilter Encryption

Depends on:
FltMgr


Scan IceKore.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.