» grizzlykrn.sys
Overview
Analysis
File Details
Behaviors (1)

grizzlykrn.sys

GRIZZLY Antivirus

NANO Security Ltd

It runs as a Windows kernel mode device driver named “grizzlykrn”.

File name:

grizzlykrn.sys

Publisher:

Grizzly Ltd (signed by NANO Security Ltd)

Product:

GRIZZLY Antivirus

Description:

GRIZZLY Antivirus kernel module

Version:

1.0.32.308

MD5:

b498f3effe99e06cde86ed3908e08411

SHA-1:

63aab9c3535c9fe47b298e48528dc851e328ec36

SHA-256:

ba5a0ff59340eda39a3140df2bf2b2588672ae90572aeb0d1c84042ccfae1e75

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/30/2024 10:11:06 AM UTC (today)

File size:

217.6 KB (222,792 bytes)

Product version:

1.0.32.308

Original file name:

grizzlykrn.sys

File type:

Driver (Win32 SYS)

Common path:

C:\Program Files\grizzly antivirus\bin\grizzlykrn.sys

Digital Signature

Signed by:

NANO Security Ltd

Authority:

GlobalSign nv-sa

Valid from:

5/26/2016 6:59:41 PM

Valid to:

5/27/2017 3:36:12 PM

Subject:

CN=NANO Security Ltd, O=NANO Security Ltd, L=Bryansk, S=Bryansk Oblast, C=RU

Issuer:

CN=GlobalSign CodeSigning CA - G3, O=GlobalSign nv-sa, C=BE

Serial number:

59AFDE3D8D0DCFF6689875D4

File PE Metadata

Compilation timestamp:

2/27/2017 10:39:56 AM

OS version:

6.3

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

12.0

Entry address:

0x2E136

Entry point:

8B, FF, 55, 8B, EC, E8, 06, 00, 00, 00, 5D, E9, BA, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 51, A1, F4, D2, 42, 00, B9, 4E, E6, 40, BB, 85, C0, 74, 04, 3B, C1, 75, 18, 0F, 31, 35, F4, D2, 42, 00, 89, 55, FC, A3, F4, D2, 42, 00, 75, 07, 8B, C1, A3, F4, D2, 42, 00, F7, D0, A3, F0, D2, 42, 00, 8B, E5, 5D, C3, 67, 72, 69, 7A, 7A, 6C, 79, 6B, 72, 6E, 20, 28, 74, 69, 64, 3D, 25, 30, 35, 75, 29, 3A, 20, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D, 2D... 
[+]

Code size:

169.5 KB (173,568 bytes)

Driver

Display name:

grizzlykrn

Description:

GRIZZLY Antivirus kernel module

Type:

Kernel device driver (KernelDriver)

Group:

UIGroup

Scan grizzlykrn.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.