» bdfndisf.sys
Overview
Analysis
File Details
Behaviors (1)

bdfndisf.sys

BitDefender 13

BITDEFENDER LLC

It runs as a Windows kernel mode device driver named “BitDefender Firewall NDIS Filter Service”.

File name:

bdfndisf.sys

Publisher:

BITDEFENDER LLC (signed and verified)

Product:

BitDefender 13

Description:

BitDefender Firewall NDIS Filter Driver

Version:

5.0.0.14 built by: WinDDK

MD5:

d981965d8d6578d663cf53d70a03f95a

SHA-1:

424a578407a80336333caf4f8472e427722d0b02

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/18/2024 6:50:28 PM UTC (today)

File size:

108.7 KB (111,312 bytes)

Product version:

13.0.0.16

Original file name:

bdfndisf.sys

File type:

Driver (Win32 SYS)

Language:

Language Neutral

Common path:

C:\Windows\System32\drivers\bdfndisf.sys

Digital Signature

Signed by:

BITDEFENDER LLC

Authority:

VeriSign, Inc.

Valid from:

1/19/2010 4:00:00 PM

Valid to:

1/24/2012 3:59:59 PM

Subject:

CN=BITDEFENDER LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BITDEFENDER LLC, L=Fort Lauderdale, S=Florida, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

1C2DD61A35E65DF6299701FF9BE5CA44

File PE Metadata

Compilation timestamp:

4/9/2010 5:42:45 AM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

8.0

CTPH (ssdeep):

768:sE+ITjXAgDkahO+qZ/bfIESNrI4XQgrj1Hx9xVyVQQ7ZshifjEW3PyLm/bCTCaMi:z+8X3fkFrPW1yVXZsijKaTCNDx

Entry address:

0x1784B

Entry point:

8B, FF, 55, 8B, EC, A1, 00, D6, 01, 00, 85, C0, B9, 4E, E6, 40, BB, 74, 04, 3B, C1, 75, 1A, A1, 50, D3, 01, 00, 8B, 00, 35, 00, D6, 01, 00, A3, 00, D6, 01, 00, 75, 07, 8B, C1, A3, 00, D6, 01, 00, F7, D0, A3, 04, D6, 01, 00, 5D, E9, FD, FB, FF, FF, CC, 5B, 42, 44, 46, 4E, 44, 49, 53, 46, 5D, 20, 44, 72, 69, 76, 65, 72, 20, 69, 6E, 69, 74, 20, 63, 6F, 6D, 70, 6C, 65, 74, 65, 64, 20, 73, 75, 63, 63, 65, 73, 73, 66, 75, 6C, 6C, 79, 2E, 00, CC, 5B, 42, 44, 46, 4E, 44, 49, 53, 46, 5D, 20, 46, 61, 74, 61, 6C, 20... 
[+]

Entropy:

5.0260

Code size:

56.1 KB (57,472 bytes)

Driver

Display name:

BitDefender Firewall NDIS Filter Service

Service name:

Bdfndisf

Type:

Kernel device driver (KernelDriver)

Group:

NDIS

Scan bdfndisf.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.