home

DptfDevAmbient.sys

Intel Dynamic Platform & Thermal Framework

UMG - MDFLD Drivers

It runs as a Windows 64-bit kernel mode device driver named “DptfDevAmbient”.
Publisher:
Intel Corporation  (signed by UMG - MDFLD Drivers)

Product:
Intel Dynamic Platform & Thermal Framework

Description:
Intel Dynamic Platform & Thermal Framework Ambienter Participant Driver

Version:
07.1.0.164

MD5:
64d4f917535cb03a7bee9f370d0ccd23

SHA-1:
ba9aa8cddf18c1145d811d0daf4d8d64596730b0

SHA-256:
e0698b272c6196b3ecf046544e6bcedb0df5768cf90322f318b2f7094853fd23

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 12:18:28 PM UTC  (today)

File size:
46.2 KB (47,344 bytes)

Product version:
07.1.0.164

Copyright:
Copyright(C) 2003-2012 Intel Corporation

Original file name:
DptfDevAmbient.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\dptfdevambient.sys

Digital Signature
Signed by:
UMG - MDFLD Drivers

Authority:
Intel Corporation

Valid from:
10/14/2011 10:38:56 AM

Valid to:
9/28/2014 10:38:56 AM

Subject:
CN=UMG - MDFLD Drivers

Issuer:
CN=Intel External Basic Issuing CA 3A, O=Intel Corporation, C=US

Serial number:
20435C4D00010000711B

File PE Metadata
Compilation timestamp:
1/10/2014 4:42:42 AM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
11.0

CTPH (ssdeep):
768:MMO19eD4+S4s7FLb21zW9NVbJlra5eVEL2cHecQVjXO8PGiUS:IMp+vpJl+QC6hO8PPUS

Entry address:
0x7DE8

Entry point:
48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8B, DA, 48, 8B, F9, E8, 03, 52, 00, 00, 48, 8B, D3, 48, 8B, CF, 48, 8B, 5C, 24, 30, 48, 83, C4, 20, 5F, E9, 02, 00, 00, 00, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 6C, 24, 10, 48, 89, 74, 24, 18, 57, 48, 83, EC, 20, 33, ED, 48, 8B, F2, 48, 8B, F9, 48, 85, C9, 75, 0A, E8, 46, C9, FF, FF, E9, E0, 00, 00, 00, 48, 89, 0D, 52, 32, 00, 00, 48, 8D, 05, 63, 32, 00, 00, 48, 8D, 0D, 64, 34, 00, 00, 48, 89, 05, 65, 34, 00, 00, C7, 05, 53, 34, 00, 00, 00, 00, 08, 02, FF, 15, 25...
 
[+]

Entropy:
6.2159

Code size:
31.5 KB (32,256 bytes)

Driver
Display name:
DptfDevAmbient

Type:
Kernel device driver (KernelDriver)

Group:
Base


Scan DptfDevAmbient.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.