home

ichfilter.sys

Rnd Software Group Inc.

It runs as a Windows file system device driver named “ICHFilter”.
Publisher:
Rnd Software Group Inc.  (signed and verified)

MD5:
2028ea74d4c08baeee3391f5670000f9

SHA-1:
4c1ba1a6afe767a787ccf54d5c8766a485296b3f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 10:43:58 PM UTC  (today)

File size:
188 KB (192,504 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\windows\lvgic961\ichfilter.sys

Digital Signature
Signed by:
Rnd Software Group Inc.

Authority:
DigiCert Inc

Valid from:
11/17/2016 7:00:00 PM

Valid to:
12/31/2019 7:00:00 AM

Subject:
CN=Rnd Software Group Inc., O=Rnd Software Group Inc., L=Brooklyn, S=New York, C=US, PostalCode=11222, STREET="41 Box Street #305", OID.2.5.4.5=4416208, OID.1.3.6.1.4.1.311.60.2.1.2=New York, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization

Issuer:
CN=DigiCert EV Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0770FF452D581C339F02AF43CBE43121

File PE Metadata
Compilation timestamp:
11/2/2016 5:21:20 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

Entry address:
0x279BE

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, F4, 92, FD, FF, CC, CC, 14, 7A, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 52, 7F, 02, 00, 88, 22, 00, 00, 0C, 7A, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 74, 7F, 02, 00, 80, 22, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 60, 7F, 02, 00, 00, 00, 00, 00, 12, 7B, 02, 00, 2A, 7B, 02, 00, 44, 7B, 02, 00, 62, 7B, 02, 00, 6C, 7B, 02, 00, 84, 7B, 02, 00, 9C, 7B, 02, 00, AA, 7B, 02, 00, B6, 7B, 02, 00, C8, 7B, 02, 00, E0, 7B...
 
[+]

Entropy:
2.0697

Code size:
9.1 KB (9,344 bytes)

Driver
Display name:
ICHFilter

Type:
File system 'filter' driver (FileSystemDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan ichfilter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.