» IG_EyeTrust.sys
Overview
Analysis
File Details
Behaviors (1)

IG_EyeTrust.sys

IrisGuard UK Ltd

It runs as a Windows kernel mode device driver named “IG_EyeTrust”.

File name:

IG_EyeTrust.sys

Publisher:

IrisGuard Inc. (signed by IrisGuard UK Ltd)

Product:

IG_EyeTrust.sys

Description:

IrisGuard EyeTrust

Version:

8.0.0.0 built by: WinDDK

MD5:

f17502331bb03ec2fce9b7f956728db7

SHA-1:

a879ec0b1f7f7ab0eadc38c54bbb036ed35d2c0b

SHA-256:

d149ee541d0a67f0820b8ee741d8fa00eb3888372d3a8c5e44522e2239676bb3

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 4:47:17 PM UTC (today)

File size:

168.8 KB (172,864 bytes)

Product version:

8.0.0.0

Original file name:

IG_EyeTrust.sys

File type:

Driver (Win32 SYS)

Language:

English (United States)

Common path:

C:\Windows\System32\drivers\ig_eyetrust.sys

Digital Signature

Signed by:

IrisGuard UK Ltd

Authority:

VeriSign, Inc.

Valid from:

6/19/2012 3:00:00 AM

Valid to:

7/8/2015 2:59:59 AM

Subject:

CN=IrisGuard UK Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=IrisGuard UK Ltd, L=Aylesbury, S=Bucks, C=GB

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

67097B87B05CE9C534EC63C5C42573CD

File PE Metadata

Compilation timestamp:

7/2/2015 6:45:54 PM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

3072:ZqN3DTM5GTFPZqpjsxDXxDW6OQ5qWYX2D7XVJLmI2saQTlFxa84ZW0W:zGPgL6OQoWYGD7/LmAaQTlHOO

Entry address:

0x2713E

Entry point:

8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 82, 1B, FE, FF, CC, CC, 18, 72, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, E6, 75, 02, 00, 64, DE, 00, 00, B4, 71, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, F4, 75, 02, 00, 00, DE, 00, 00, D4, 71, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 94, 77, 02, 00, 20, DE, 00, 00, C4, 71, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 0C, 78, 02, 00, 10, DE, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 8E, 74, 02, 00, 00, 75, 02, 00, 7A, 74... 
[+]

Entropy:

6.6099

Code size:

56.3 KB (57,600 bytes)

Driver

Display name:

IG_EyeTrust

Type:

Kernel device driver (KernelDriver)

Scan IG_EyeTrust.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.