SensiGuard.exe

SensiGuard

WebMinds, Inc.

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘SensiGuard’.
Publisher:
Webminds, Inc  (signed by WebMinds, Inc.)

Product:
SensiGuard

Description:
SensiGuard File Explorer

Version:
3.6.0.0

MD5:
fc5ac52fffcb21e9b91e62a14008aab8

SHA-1:
3923f5659fc7c432d0ffa13f8de66a99b58cde82

SHA-256:
9f8b7470112f1223962d83ade0310fb67f641c2403766a15d45a3fadfeced00c

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/25/2024 2:02:52 PM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
riskware program Program.Unwanted.547
9.0.1.05190

File size:
1.1 MB (1,129,552 bytes)

Product version:
3.6.0.0

Copyright:
Copyright © 2015 Webminds, Inc

Original file name:
SensiGuard.exe

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\sensiguard\sensiguard.exe

Digital Signature
Signed by:

Authority:
GoDaddy.com, Inc.

Valid from:
2/12/2015 12:46:40 AM

Valid to:
2/12/2017 12:46:40 AM

Subject:
CN="WebMinds, Inc.", O="WebMinds, Inc.", L=Fort Myers, S=Florida, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00C550BB58B661A050

File PE Metadata
Compilation timestamp:
3/20/2015 1:17:49 AM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:ZNAKFCdEqwN8AvqZJ5ZCJdOxOm4AHPF5KVXQKEEqzoz7BcOwN021/7W4o:ZdQW9vqZ3ZvxV48vKiOwx1K4o

Entry address:
0x658C4

Entry point:
48, 83, EC, 28, E8, B3, 06, 00, 00, 48, 83, C4, 28, E9, F2, FD, FF, FF, FF, 25, 44, 6E, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, 49, C9, 02, 00, 75, 11, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 02, F3, C3, 48, C1, C9, 10, E9, FD, 01, 00, 00, CC, FF, 25, 02, 6E, 00, 00, CC, CC, 40, 53, 48, 83, EC, 20, 48, 83, 3D, 6A, 14, 04, 00, 00, 75, 36, BA, 08, 00, 00, 00, 8D, 4A, 18, FF, 15, 22, 70, 00, 00, 48, 8B, C8, 48, 8B, D8, FF, 15, BE, 69, 00, 00, 48, 89...
 
[+]

Entropy:
6.2858

Code size:
425 KB (435,200 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SensiGuard

Command:
"C:\Program Files\sensiguard\sensiguard.exe" \m


Scan SensiGuard.exe - Powered by Reason Core Security