bphfilterdrv.sys

NetFilter SDK

E-COMMERCE MEDIA GROUP INFORMACAO E TECNOLOGIA LTDA

It runs as a 64-bit Windows kernel-mode device driver named “bphfilterdrv”.
Publisher:
NetFilterSDK.com (signed by E-COMMERCE MEDIA GROUP INFORMACAO E TECNOLOGIA LTDA)

Product:
NetFilter SDK

Description:
NetFilter SDK WFP Driver (WPP)

Version:
1.4.1.6 built by: WinDDK

MD5:
ab038387b108d2b1675693ab7246056b

SHA-1:
d2eef3cd30de32cbbeb88195a8e5292f14f8e98f

SHA-256:
c6b8e19bedefeebd9eb7f9f513975094b3dca403fb727801a43b3ce9e7d015f0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 6:32:24 PM UTC

File size:
41.1 KB (42,088 bytes)

Product version:
1.4.1.6

Copyright:
Copyright © 2013 NetFilterSDK.com

Original file name:
netfilter2.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\bphfilterdrv.sys

Digital Signature
Authority:
Thawte, Inc.

Valid from:
7/15/2013 9:00:00 PM

Valid to:
8/15/2015 8:59:59 PM

Subject:
CN=E-COMMERCE MEDIA GROUP INFORMACAO E TECNOLOGIA LTDA, OU=Buscapé na Hora, O=E-COMMERCE MEDIA GROUP INFORMACAO E TECNOLOGIA LTDA, L=São Paulo, S=São Paulo, C=BR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
113F28B339D4835B842257F2AA9B2338

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
768:S4H68W13zdTUp+J8S08vGJwRTAQHQ95uU/PUCJyhUwMd5lTkkMa:Sk68Et8pp5Jyhx8Jl

Entry point:
48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, C6, 60, FF, FF, CC, CC, 38, B2, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, D6, B5, 00, 00, 60, 81, 00, 00, 28, B1, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 78, B9, 00, 00, 50, 80, 00, 00, D8, B0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 70, BA, 00, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 54, BA, 00, 00, 00, 00, 00, 00, 40, BA, 00, 00...

Driver
Display name:
bphfilterdrv

Type:
Kernel device driver (KernelDriver)

