home

grizzlywfp.sys

GRIZZLY Antivirus

NANO Security Ltd

It runs as a Windows kernel mode device driver named “grizzlywfp”.
Publisher:
Grizzly Ltd  (signed by NANO Security Ltd)

Product:
GRIZZLY Antivirus

Description:
GRIZZLY Antivirus WFP driver

Version:
1.0.32.308

MD5:
07692279a823e808c6685bbedb2d02d3

SHA-1:
22722c880bb65c633e54f99d2a3f002fe6db6082

SHA-256:
3ca623a0318fce7eccf935cd5b8c90fb9dd0e7c6d2694e10fc69db0f6f354deb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 6:50:26 AM UTC  (today)

File size:
138.6 KB (141,912 bytes)

Product version:
1.0.32.308

Copyright:
Copyright (C) 2016 NANO Security

Original file name:
grizzlywfp.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Program Files\grizzly antivirus\bin\grizzlywfp.sys

Digital Signature
Signed by:
NANO Security Ltd

Authority:
GlobalSign nv-sa

Valid from:
5/26/2016 6:59:41 PM

Valid to:
5/27/2017 3:36:12 PM

Subject:
CN=NANO Security Ltd, O=NANO Security Ltd, L=Bryansk, S=Bryansk Oblast, C=RU

Issuer:
CN=GlobalSign CodeSigning CA - G3, O=GlobalSign nv-sa, C=BE

Serial number:
59AFDE3D8D0DCFF6689875D4

File PE Metadata
Compilation timestamp:
2/27/2017 10:40:02 AM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
12.0

Entry address:
0x1D000

Entry point:
8B, FF, 55, 8B, EC, E8, 06, 00, 00, 00, 5D, E9, F0, E8, FE, FF, 8B, FF, 55, 8B, EC, 51, 51, A1, 44, B0, 41, 00, B9, 4E, E6, 40, BB, 85, C0, 74, 04, 3B, C1, 75, 18, 0F, 31, 35, 44, B0, 41, 00, 89, 55, FC, A3, 44, B0, 41, 00, 75, 07, 8B, C1, A3, 44, B0, 41, 00, F7, D0, A3, 40, B0, 41, 00, 8B, E5, 5D, C3, AC, D0, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 06, D4, 01, 00, 14, A0, 01, 00, 10, D1, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 9A, D6, 01, 00, 78, A0, 01, 00, 9C, D0, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Code size:
101.5 KB (103,936 bytes)

Driver
Display name:
grizzlywfp

Description:
GRIZZLY Antivirus wfp module

Type:
Kernel device driver (KernelDriver)

Group:
UIGroup


Scan grizzlywfp.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.