home

geer001.sys

Wiselogic Co., Ltd.

It runs as a Windows kernel mode device driver named “Geer001”.
Publisher:
www.wiselogic.co.kr  (signed by Wiselogic Co., Ltd.)

Description:
Windows Kernel

Version:
1.02

MD5:
424dfed537e122a0c9eab0e55d8638a6

SHA-1:
bbc3d5406e81fd12fa1cf97a9cf512d3e5cc09e5

SHA-256:
0961224f6f8b702c88d7391f273c3d15ad443f630cd9d98071f3feb31db3d370

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 6:33:38 AM UTC  (today)

File size:
112.5 KB (115,160 bytes)

Product version:
1.02

Copyright:
Copyright (C)WiseLogic 2004

Original file name:
XTrapD12.Sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Digital Signature
Signed by:
Wiselogic Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
12/20/2014 8:00:00 AM

Valid to:
2/19/2016 7:59:59 AM

Subject:
CN="Wiselogic Co., Ltd.", O="Wiselogic Co., Ltd.", L=Gangnam gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1B0D972817EE51F8B11024C8B3933427

File PE Metadata
Compilation timestamp:
11/17/2015 4:23:34 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

Entry address:
0x18B3E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, E2, 99, FE, FF, CC, CC, A0, 8B, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 12, 90, 01, 00, 94, 5B, 01, 00, 8C, 8B, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 6C, 90, 01, 00, 80, 5B, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 46, 90, 01, 00, 34, 90, 01, 00, 20, 90, 01, 00, 54, 90, 01, 00, 00, 00, 00, 00, FE, 8C, 01, 00, 14, 8D, 01, 00, 2C, 8D, 01, 00, 36, 8D, 01, 00, 50, 8D, 01, 00, 6A, 8D, 01, 00, 82, 8D, 01, 00, 9E, 8D...
 
[+]

Entropy:
5.7720

Code size:
87.5 KB (89,600 bytes)

Driver
Display name:
Geer001

Type:
Kernel device driver (KernelDriver)


Scan geer001.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.