home

netsynccontentguard.exe

잉카엔트웍스 NetsyncContentGaurd

Inka Entworks Corp

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘NCG’. This file is installed with the program NCG Agent.
Publisher:
INKAENTWORKS INC.  (signed by Inka Entworks Corp)

Product:
잉카엔트웍스 NetsyncContentGaurd

Description:
NetsyncContentGaurd

Version:
1, 1, 1112, 2315

MD5:
9c44373d481afc935f77afe44be7868a

SHA-1:
3a7ba496c005b72e4b9343c34a94c280f2ba70f8

SHA-256:
6ae9b5ba2fcb0e02bf49f2a9a42583c9e252a4bd6ed4f483a2c5fbd990320f98

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/24/2024 11:28:14 AM UTC  (today)

Scan engine
Detection
Engine version

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.24.3

File size:
2.3 MB (2,452,464 bytes)

Product version:
1, 1, 1112, 2315

Copyright:
INKAENTWORKS INC. Copyright ⓒ 2008-2010

Original file name:
NetsyncContentGaurd.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\ncg\netsynccontentguard.exe

Digital Signature
Signed by:
Inka Entworks Corp

Authority:
GlobalSign nv-sa

Valid from:
8/12/2011 6:33:59 PM

Valid to:
8/12/2012 6:33:59 PM

Subject:
CN=Inka Entworks Corp, OU=DevTeam, O=Inka Entworks Corp, L=Gangnam-gu, S=Seoul, C=KR

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121496B8D41EE3FF25E57806F33B55DF261

File PE Metadata
Compilation timestamp:
12/23/2011 3:40:39 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:5D/mKUaOjdbOEOWqC3AQIroxK+7jxhuDxhUd44KLc0PnSiE/s0IHTGVNJbEzgfo2:dOKUaGb1XXKN3UZKNP/0ITGDdM2AugEN

Entry address:
0x14F742

Entry point:
E8, 7B, 29, 01, 00, E9, 17, FE, FF, FF, 8B, 00, 81, 38, 63, 73, 6D, E0, 74, 03, 33, C0, C3, E9, A1, C8, 00, 00, 6A, 14, 68, 40, 46, 62, 00, E8, 8A, 92, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, 55, C8, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, 80, 92, 00, 00, C2, 10, 00, 6A, 0C, 68, 60, 46, 62...
 
[+]

Entropy:
6.6726

Code size:
1.6 MB (1,626,112 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
NCG

Command:
C:\Program Files\ncg\netsynccontentguard.exe


The file netsynccontentguard.exe has been discovered within the following program.

NCG Agent  by INKA ENTWORKS
www.netsync.co.kr
About 1% of users remove it
 
Powered by Should I Remove It?

Scan netsynccontentguard.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.