home

ncgagent.sys

Inka Entworks Corp

It runs as a Windows 64-bit kernel mode device driver named “ncgagent”.
Publisher:
Inka Entworks Corp  (signed and verified)

MD5:
579012712786f26b690f00facb8eee59

SHA-1:
065dc2c422cea054f1eba756aadbf3d4c3935079

SHA-256:
d3dcb5cf153a675137160e67dfcb6315f666c8f0b7f9a010cde105695290c8ad

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/10/2024 9:04:57 PM UTC  (today)

File size:
13.4 KB (13,696 bytes)

File type:
Driver (Win64 SYS)

Common path:
C:\Program Files\ncg\ncgagent.sys

Digital Signature
Signed by:
Inka Entworks Corp

Authority:
GlobalSign nv-sa

Valid from:
6/29/2010 3:28:01 PM

Valid to:
6/29/2011 3:28:01 PM

Subject:
E=suhwan@inka.co.kr, CN=Inka Entworks Corp, O=Inka Entworks Corp, C=KR

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012982986ADF

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
192:6ykFxNWAvJmb4rR0DJqirxHkeuOznu8j+5MNfzg54X8jSJUbueqhc0YR:d8Lxmb4rRrk+wC8j+6NE54XdUb+hc0YR

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 52, D4, FF, FF, CC, CC, 78, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, D2, 42, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, D8, 40, 00, 00, F4, 40, 00, 00, 0C, 41, 00, 00, 2A, 41, 00, 00, 34, 41, 00, 00, 3E, 41, 00, 00, 56, 41, 00, 00, 64, 41, 00, 00, 76, 41, 00, 00, 8E, 41, 00, 00, A6, 41, 00, 00, C8, 41, 00, 00, E0, 41, 00, 00, F6, 41, 00, 00, 16, 42, 00, 00, 32, 42, 00, 00, 46, 42, 00, 00, 62, 42...
 
[+]

Entropy:
6.4550

Driver
Display name:
ncgagent

Type:
Kernel device driver (KernelDriver)


Scan ncgagent.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.