home

sGridClient.exe

sGridClient Application

KoreaInternet

It runs as a separate (within the context of its own process) windows Service named “sGrid Client”.
Publisher:
KoreaInternet  (signed and verified)

Product:
sGridClient Application

Version:
1, 0, 0, 0

MD5:
494f4717bfd4eed3484dc8035ea9129e

SHA-1:
1d943cef99fd6027b068257398b2c08fbae72a47

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/27/2024 2:00:49 AM UTC  (today)

Scan engine
Detection
Engine version

Vba32 AntiVirus
Malware-Cryptor.InstallCore.7
3.12.20.2

File size:
128.9 KB (131,944 bytes)

Product version:
1, 0, 0, 0

Copyright:
Copyright (C) 2010

Original file name:
sGridClient.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\pangpleclient\sgridclient.exe

Digital Signature
Signed by:
KoreaInternet

Authority:
Thawte, Inc.

Valid from:
11/12/2010 9:00:00 AM

Valid to:
12/13/2011 8:59:59 AM

Subject:
CN=KoreaInternet, O=KoreaInternet, L=seocho, S=seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
3CE3B908688A1D74363EA39F48C973D0

File PE Metadata
Compilation timestamp:
11/9/2011 3:20:50 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
1536:bpo+RQfJXdjZrfHzf5BEM6cQnqJaVgxkJjPucokQ6uDsGYKFKtl5nGxp:b2+87BmM63nqJLxsQ3xLFKn5nGxp

Entry address:
0x6C7E

Entry point:
E8, 73, 9A, 00, 00, E9, A4, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 68, ED, 41, 00, 89, 0D, 64, ED, 41, 00, 89, 15, 60, ED, 41, 00, 89, 1D, 5C, ED, 41, 00, 89, 35, 58, ED, 41, 00, 89, 3D, 54, ED, 41, 00, 66, 8C, 15, 80, ED, 41, 00, 66, 8C, 0D, 74, ED, 41, 00, 66, 8C, 1D, 50, ED, 41, 00, 66, 8C, 05, 4C, ED, 41, 00, 66, 8C, 25, 48, ED, 41, 00, 66, 8C, 2D, 44, ED, 41, 00, 9C, 8F, 05, 78, ED, 41, 00, 8B, 45, 00, A3, 6C, ED, 41, 00, 8B, 45, 04, A3, 70, ED, 41, 00, 8D, 45, 08, A3, 7C, ED, 41...
 
[+]

Entropy:
5.8420

Code size:
79 KB (80,896 bytes)

Service
Display name:
sGrid Client

Type:
Win32OwnProcess


Scan sGridClient.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.