» miniicpt.sys
Overview
Analysis
File Details
Behaviors (1)

miniicpt.sys

G Data AntiVirus

G DATA Software AG

It runs as a Windows kernel mode device driver named “GDMnIcpt”.

File name:

miniicpt.sys

Publisher:

G DATA Software AG (signed and verified)

Product:

G Data AntiVirus

Description:

Filesystem MiniInterceptor (Mini Filter)

Version:

1.0.17009.334

MD5:

893c996d701c72a89fe15bad9f7014f0

SHA-1:

c9b0c8a06012e28c25c52a7dbb13656513337519

SHA-256:

f651ff27a88be60f4877ee6f44c40dd68ba6d6d2516a1659e2842c9db8c378aa

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/6/2024 10:49:13 AM UTC (today)

File size:

207.6 KB (212,536 bytes)

Product version:

15, 0, 0, 0

G Data Software AG 2008

File type:

Driver (Win32 SYS)

Language:

German (Germany)

Common path:

C:\Windows\System32\drivers\miniicpt.sys

Digital Signature

Signed by:

G DATA Software AG

Authority:

GlobalSign nv-sa

Valid from:

11/11/2016 3:26:45 PM

Valid to:

11/23/2019 4:05:34 PM

Subject:

E=sign@gdata.de, CN=G DATA Software AG, O=G DATA Software AG, L=Bochum, S=Nordrhein-Westfalen, C=DE

Issuer:

CN=GlobalSign CodeSigning CA - G3, O=GlobalSign nv-sa, C=BE

Serial number:

6EE210E8636128A43529604F

File PE Metadata

Compilation timestamp:

1/9/2017 5:34:51 AM

OS version:

6.3

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

12.0

Entry address:

0x21512

Entry point:

8B, FF, 55, 8B, EC, E8, E4, AA, 00, 00, 5D, E9, 08, 01, 00, 00, 3B, 0D, E8, B2, 42, 00, 75, 03, C2, 00, 00, E9, 00, 00, 00, 00, 8B, FF, 55, 8B, EC, 51, 89, 4D, FC, 6A, 02, 59, CD, 29, 6A, 08, 59, CD, 29, CC, FF, 25, A8, 82, 42, 00, FF, 25, A4, 82, 42, 00, FF, 25, 18, 81, 42, 00, FF, 25, 1C, 81, 42, 00, FF, 25, 20, 81, 42, 00, FF, 25, 24, 81, 42, 00, FF, 25, 58, 81, 42, 00, FF, 25, 5C, 81, 42, 00, FF, 25, AC, 82, 42, 00, FF, 25, 64, 81, 42, 00, FF, 25, 78, 81, 42, 00, FF, 25, C0, 81, 42, 00, FF, 25, C4, 81... 
[+]

Code size:

161.5 KB (165,376 bytes)

Driver

Display name:

GDMnIcpt

Type:

Kernel device driver (KernelDriver)

Group:

FSFilter Anti-Virus

Scan miniicpt.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.