home

FilesystemServiceModule.dll

Mandiant Intelligent Response

MANDIANT Corporation

Publisher:
MANDIANT Corporation  (signed and verified)

Product:
Mandiant Intelligent Response

Description:
MIR Filesystem Service Module

Version:
1.3.10.0

MD5:
05acd4007cafa3e7158f5641f25a4a3f

SHA-1:
96d4bd41686897126a53926b6bd7a2f1780de98d

SHA-256:
bb7b0c354cf997b0f0361c15f931ab24be0244ea36d6825d22be349c78bc686f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 2:33:29 AM UTC  (today)

File size:
572.6 KB (586,384 bytes)

Product version:
1.3.3

Original file name:
FilesystemServiceModule.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\mandiant\mandiant intelligent response agent\services\filesystemservicemodule.dll

Digital Signature
Signed by:
MANDIANT Corporation

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
1/16/2008 5:00:00 PM

Valid to:
11/13/2009 4:59:59 PM

Subject:
CN=MANDIANT Corporation, OU=PRODUCT DEVELOPMENT, O=MANDIANT Corporation, L=Alexandria, S=Virginia, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
0A0BBDDED69A6C6303CF5641FCD39FBC

File PE Metadata
Compilation timestamp:
9/12/2009 6:17:05 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:cOaIE5AlhPwk3i0XMD1h9m0/Ggb1VRhyU3txMWZD+5FUgMT4N:HRE5AXPwkyhz3tOEa5FUgz

Entry address:
0x59C0D

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, 78, A7, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, B8, E8, 47, 08, 10, C3, A1, A0, 92, 08, 10, 85, C0, 56, 6A, 14, 5E, 75, 07, B8, 00, 02, 00, 00, EB, 06, 3B, C6, 7D, 07, 8B, C6, A3, A0, 92, 08, 10, 6A, 04, 50, E8, 16, 29, 00, 00, 85, C0, 59, 59, A3, 9C, 82, 08, 10, 75, 1E, 6A, 04, 56, 89, 35, A0, 92, 08, 10, E8, FD, 28, 00, 00, 85, C0, 59, 59, A3, 9C, 82, 08, 10, 75, 05, 6A, 1A, 58, 5E, C3, 33, D2, B9, E8, 47, 08, 10, EB, 05...
 
[+]

Entropy:
6.6366

Code size:
444 KB (454,656 bytes)

Scan FilesystemServiceModule.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.