» mmpdrv.sys
Overview
Analysis
File Details
Behaviors (1)

mmpdrv.sys

Supercool driver-based tool

SageTech

It runs as a Windows kernel mode device driver named “MiniAide Magic Partition Driver”.

File name:

mmpdrv.sys

Publisher:

<company name here> (signed by SageTech)

Product:

Supercool driver-based tool

Description:

The driver for the supercool driver-based tool

Version:

1.0.0.60

MD5:

37ef79b0abb6a99796a0538d4e5f26e4

SHA-1:

13e612775a4a3bac4ccd8683d37257e536304752

SHA-256:

9ca816fb98cc720e5d7a30c56d36c5f1d9142228560e91e372dca5541e1d7b00

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/18/2024 9:53:57 PM UTC (today)

File size:

21.2 KB (21,752 bytes)

Product version:

1.0

Original file name:

Replicator

File type:

Driver (Win32 SYS)

Language:

Language Neutral

Common path:

C:\Windows\System32\drivers\mmpdrv.sys

Digital Signature

Signed by:

SageTech

Authority:

VeriSign, Inc.

Valid from:

5/11/2011 9:00:00 PM

Valid to:

5/19/2014 8:59:59 PM

Subject:

CN=SageTech, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SageTech, L=San Jose, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

31309A599C3FE22C5AF29A1415C31BC5

File PE Metadata

Compilation timestamp:

7/21/2012 11:49:02 AM

OS version:

5.2

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

8.0

CTPH (ssdeep):

384:RCPBdogFSQ7QGHx23mirILypkEkd6jG2neMIX/:0pd1bQGRxIIL3E2mWP

Entry address:

0x1870

Entry point:

44, 8B, 6C, 24, 38, 44, 8B, 64, 24, 34, 8B, 54, 24, 40, 45, 33, D2, 4C, 8D, 05, F4, 0B, 00, 00, 41, B9, FF, FF, FF, 7F, 66, 8B, 3E, 66, 85, FF, 41, BB, 01, 00, 00, 00, 0F, 85, AD, F7, FF, FF, 41, 8B, C4, 48, 81, C4, 88, 04, 00, 00, 41, 5F, 41, 5E, 41, 5D, 41, 5C, 5F, 5E, 5D, 5B, C3, 4C, 8D, 4C, 24, 34, 4C, 8B, C6, 41, 8B, D7, 48, 8B, CB, E8, 92, F6, FF, FF, EB, 81, C2, 01, 00, 00, 00, 00, 00, 00, 29, 00, 00, 00, 79, 00, 00, 00, C5, 00, 00, 00, CD, 00, 00, 00, 04, 01, 00, 00, DC, 01, 00, 00, 00, 00, 00, 00... 
[+]

Code size:

7 KB (7,168 bytes)

Driver

Display name:

MiniAide Magic Partition Driver

Service name:

mmpDrv

Type:

Kernel device driver (KernelDriver)

Scan mmpdrv.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.