home

mfebopk.sys

SYSCORE

McAfee Test

It runs as a Windows kernel mode device driver named “McAfee Inc. mfebopk”.
Publisher:
McAfee, Inc.  (signed by McAfee Test)

Product:
SYSCORE

Description:
Buffer Overflow Protection Driver

Version:
SYSCORE.15.4.0.811

MD5:
a57ca3b9b3278d33a272259c96ad0a72

SHA-1:
0e34b8c3c4a6e8a472eb827605690f93d7dfb56b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 8:26:08 PM UTC  (today)

File size:
75.1 KB (76,888 bytes)

Product version:
15.4.0.811

Copyright:
Copyright© 1995-2016 McAfee, Inc. All Rights Reserved.

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\mfebopk.sys

Digital Signature
Signed by:
McAfee Test

Authority:
McAfee Test

Valid from:
10/12/2011 5:15:25 PM

Valid to:
12/31/2039 8:59:59 PM

Subject:
CN=McAfee Test

Issuer:
CN=McAfee Test

Serial number:
F6A06EFB5876868D4463691E0519BC9F

File PE Metadata
Compilation timestamp:
2/3/2016 7:35:05 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
768:/2pvwp0+FpDtnefnq7bLN4ZmfBffIXFzddMNaaYkLL/SJKl+GFTR40V/Vg/6qYNl:uat7Cm5HIlDUamv/SkAqXQyvfeRzDqiK

Entry address:
0x13000

Entry point:
55, 8B, EC, 81, EC, 1C, 01, 00, 00, A1, C0, F0, 40, 00, 33, C5, 89, 45, FC, 8B, 45, 08, 53, 8B, 5D, 0C, A3, 18, F1, 40, 00, 56, 8D, 85, E8, FE, FF, FF, 50, C7, 85, E8, FE, FF, FF, 14, 01, 00, 00, FF, 15, 00, C1, 40, 00, 8B, 85, EC, FE, FF, FF, 6B, C0, 64, 03, 85, F0, FE, FF, FF, 8D, 0C, 80, 03, C9, 81, F9, 84, 17, 00, 00, 72, 19, B8, 00, 02, 00, 00, A3, 28, F1, 40, 00, A3, 20, F1, 40, 00, C7, 05, 24, F1, 40, 00, 00, 00, 00, 40, E8, BF, 11, FF, FF, 3D, 92, 13, 00, 00, 7C, 2F, 68, C8, F0, 40, 00, E8, 1E, E2...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
46.5 KB (47,616 bytes)

Driver
Display name:
McAfee Inc. mfebopk

Service name:
mfebopk

Type:
Kernel device driver (KernelDriver)


Scan mfebopk.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.