StrongholdAntivirus.sys

Stronghold Antivirus

Security Stronghold LLC

The file StrongholdAntivirus.sys, “Stronghold Antivirus Kernel Part” by Security Stronghold, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat.
Publisher:
Security Stronghold (signed by Security Stronghold LLC)

Product:
Stronghold Antivirus

Description:
Stronghold Antivirus Kernel Part

Version:
1.0 built by: WinDDK

MD5:
b7a7408d9d4af98d941cb01490408ef2

SHA-1:
8b464d3fcccc27cea8f3bf279a9d3ece807c86d3

SHA-256:
185e21d6704aa5a4afdfce88ac19356887bca437586b5aba7e9e8e337baa1640

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/23/2024 8:41:07 AM UTC

Scan engine:
Reason Heuristics

Detection:
Win32.Generic.SecurityStronghold.Meta

Engine version:
15.8.23.16

File size:
33.4 KB (34,216 bytes)

Product version:
1.0

Copyright:
Copyright (c) 2003-2011 Security Stronghold

Original file name:
StrongholdAntivirus.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Program Files\stronghold antivirus\strongholdantivirus.sys

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
10/14/2013 7:55:31 PM

Valid to:
12/11/2014 1:49:56 PM

Subject:
E=manager@securitystronghold.com, CN=Security Stronghold LLC, O=Security Stronghold LLC, L=Astrakhan, C=RU

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121ACD1A0DCFFA94069288588DCC5FFCF18

File PE Metadata
Compilation timestamp:
9/8/2013 12:25:29 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
384:LBDlrYRr+EM9MybeHbsQ+pYyaSqZiOy1bAPsgBEgR8SGVSAnZuo9cBl8raCascnc:L/YRr3BXHb34SAAPsgBEYGE6mChc2DJZ

Entry address:
0x803E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 18, BE, FF, FF, CC, CC, 94, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 40, 85, 00, 00, 08, 60, 00, 00, 8C, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 6E, 85, 00, 00, 00, 60, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 5A, 85, 00, 00, 00, 00, 00, 00, 7A, 81, 00, 00, 90, 81, 00, 00, A4, 81, 00, 00, BC, 81, 00, 00, C6, 81, 00, 00, E6, 81, 00, 00, 06, 82, 00, 00, 12, 82, 00, 00, 2E, 82, 00, 00, 42, 82, 00, 00, 5A, 82...

Entropy:
6.5719

Code size:
21.5 KB (22,016 bytes)
