home

MftWipeFilter.sys

Jetico BCWipe

Jetico Inc. Oy

Publisher:
Windows (R) Win 7 DDK provider  (signed by Jetico Inc. Oy)

Product:
Jetico® BCWipe®

Description:
MFT Wiping Process Filtering Driver

Version:
1.00.1

MD5:
c219faac8b9f8beefb420a050b8fcf13

SHA-1:
8dee9a702f8cb83236ae3a4beb445cd24ffcf5b2

SHA-256:
4bcc24f21e712f62054b96451f53b7dbbbae2a50ddf475382fd73fd131e24b1a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 8:20:00 AM UTC  (today)

File size:
33.4 KB (34,184 bytes)

Product version:
1.00.1

Copyright:
© Jetico Inc. All rights reserved.

Original file name:
MftWipeFilter.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\drivers2000\mftwipefilter.sys

Digital Signature
Signed by:
Jetico Inc. Oy

Authority:
DigiCert Inc

Valid from:
8/27/2015 8:00:00 PM

Valid to:
8/27/2018 8:00:00 AM

Subject:
CN=Jetico Inc. Oy, O=Jetico Inc. Oy, L=Espoo, S=Uusimaa, C=FI

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
09A129FF53CCBA911A4D44EC015F21D2

File PE Metadata
Compilation timestamp:
8/16/2016 7:06:22 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
384:XejqyVFEaR5T03cD87LSB/dVSNPKel8VrW/bqZsC3ycyXJH15GLJjEffknYPLS3a:XWqyLEwl0n7IcPKey9WNC3UXpaLDa

Entry address:
0x55D8

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 1E, FE, FF, FF, 25, 73, 20, 53, 54, 4F, 50, 20, 20, 25, 73, 0A, 00, CC, 25, 73, 20, 46, 61, 69, 6C, 65, 64, 20, 74, 6F, 20, 63, 72, 65, 61, 74, 65, 20, 73, 79, 6D, 62, 6F, 6C, 69, 63, 20, 6C, 69, 6E, 6B, 20, 66, 6F, 72, 20, 64, 65, 76, 69, 63, 65, 21, 20, 73, 74, 61, 74, 75, 73, 20, 3D, 20, 30, 78, 25, 78, 0A, 00, CC, 25, 73, 20, 46, 61, 69, 6C, 65, 64, 20, 74, 6F, 20, 63, 72, 65, 61, 74, 65, 20, 43, 6F, 6E, 74, 72, 6F, 6C, 20, 44, 65, 76, 69, 63, 65, 20, 4F...
 
[+]

Entropy:
6.2345

Code size:
17.5 KB (17,920 bytes)

Scan MftWipeFilter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.