» IG_AD100.sys
Overview
Analysis
File Details
Behaviors (1)

IG_AD100.sys

IrisGuard UK Ltd

It runs as a Windows kernel mode device driver named “IG_AD100”.

File name:

IG_AD100.sys

Publisher:

IrisGuard Inc. (signed by IrisGuard UK Ltd)

Product:

IG_AD100.sys

Description:

IrisGuard AD100 Driver

Version:

4.0.0.0 built by: WinDDK

MD5:

2e8b952915a5b71c5ec6032c96ca0b67

SHA-1:

f213cf7290af0258073bb71a27bfd99ab5a6fe95

SHA-256:

4638a7d436cb3270430d103d8d1363887a9b9cecf0d4823e7da512bcbfc9cc21

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/6/2024 3:21:44 AM UTC (today)

File size:

158.4 KB (162,200 bytes)

Product version:

4.0.0.0

Original file name:

IG_AD100.sys

File type:

Driver (Win32 SYS)

Language:

English (United States)

Common path:

C:\Windows\System32\drivers\ig_ad100.sys

Digital Signature

Signed by:

IrisGuard UK Ltd

Authority:

VeriSign, Inc.

Valid from:

7/7/2011 3:00:00 AM

Valid to:

7/8/2012 2:59:59 AM

Subject:

CN=IrisGuard UK Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=IrisGuard UK Ltd, L=Aylesbury, S=Bucks, C=GB

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

4B3BB2472091024D460295C0B925DED0

File PE Metadata

Compilation timestamp:

7/18/2011 3:12:40 PM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

3072:7usgpIfUrMJrhOPOQ5qWYX2D7XVJLmI2saQTlFxa84Zw5k8:dU4POPOQoWYGD7/LmAaQTlHOe+8

Entry address:

0x24C3E

Entry point:

8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 22, 35, FE, FF, CC, CC, 28, 4D, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 0A, 51, 02, 00, F4, B8, 00, 00, B4, 4C, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 18, 51, 02, 00, 80, B8, 00, 00, D4, 4C, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 53, 02, 00, A0, B8, 00, 00, C4, 4C, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 7A, 53, 02, 00, 90, B8, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 72, 4F, 02, 00, 86, 4F, 02, 00, F8, 4F... 
[+]

Entropy:

6.5181

Code size:

47 KB (48,128 bytes)

Driver

Display name:

IG_AD100

Type:

Kernel device driver (KernelDriver)

Scan IG_AD100.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.