home

mp110004.sys

Micropoint Proactive Defense Software

BeiJing Eastern Micropoint Info-Tech CO., LTD

It runs as a Windows kernel mode device driver named “mp110004”.
Publisher:
Micropoint Corporation  (signed by BeiJing Eastern Micropoint Info-Tech CO., LTD)

Product:
Micropoint Proactive Defense Software

Description:
mp110004

Version:
2.0.10138

MD5:
0a43c2c116d4ebc1ef5f6c44b3ac2fe0

SHA-1:
c437b5468b89b89c6351b3ea602629990ecdebdd

SHA-256:
034d45b1c1c4fcef8ffe797451fca25300c46b4f15b940e36144f0e56998687c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 1:05:34 AM UTC  (today)

File size:
52.7 KB (53,920 bytes)

Product version:
2.0.10138

Copyright:
Copyright (c) 2005-2011 Micropoint Corporation

Original file name:
mp110004.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\mp110004.sys

Digital Signature
Signed by:
BeiJing Eastern Micropoint Info-Tech CO., LTD

Authority:
VeriSign, Inc.

Valid from:
5/2/2012 8:00:00 AM

Valid to:
7/2/2015 7:59:59 AM

Subject:
CN="BeiJing Eastern Micropoint Info-Tech CO., LTD", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="BeiJing Eastern Micropoint Info-Tech CO., LTD", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2A02D658AA635EE8A99E5F46B5C567F7

File PE Metadata
Compilation timestamp:
9/27/2012 3:38:42 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
768:vzgULd3Dx21SxH+55UcRaV4+oOSBLldn5M2UcDZC290Hho3CIIL0r:7N3DxS5UcRaVkOSBLHVn90BzG

Entry address:
0x9AE1

Entry point:
A1, B4, 92, 01, 00, 85, C0, B9, 4E, E6, 40, BB, 74, 04, 3B, C1, 75, 19, A1, B8, 77, 01, 00, 8B, 00, 35, B4, 92, 01, 00, A3, B4, 92, 01, 00, 75, 06, 89, 0D, B4, 92, 01, 00, E9, 43, FE, FF, FF, CC, CC, CC, F8, 9B, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 6C, A0, 00, 00, 80, 77, 00, 00, 78, 9B, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E2, A0, 00, 00, 00, 77, 00, 00, 90, 9B, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 7A, A1, 00, 00, 18, 77, 00, 00, DC, 9B, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B8, A1, 00, 00, 64...
 
[+]

Entropy:
6.5315

Code size:
30.9 KB (31,616 bytes)

Driver
Display name:
mp110004

Type:
Kernel device driver (KernelDriver)

Group:
Base


Scan mp110004.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.