mpengine.dll

Microsoft Malware Protection

Microsoft Corporation

The Microsoft Malware Protection Engine is part of the anti-malware/anti-spyware components of Windows Defender and Microsoft Security Essentials and is the primary engine for protection, scan and removal of malware. The mpengine.dll is delivered via Windows Updates as well as virus definition updates.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft Malware Protection

Description:
Microsoft Malware Protection Engine

Version:
1.1.10600.0

MD5:
93057021ea8731632e4b8766b2ac68c0

SHA-1:
10ca835b5eda0683b7d4ddcc5fc22bb4da2955c3

SHA-256:
15daf9e2c3d7ad7d5441b43ff2c79e19f201f562bc60f265117d1c4046ff4af3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
12/3/2016 10:51:04 AM UTC  (today)

File size:
10.2 MB (10,702,536 bytes)

Product version:
1.1.10600.0

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
mpengine.dll

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\ProgramData\microsoft\microsoft antimalware\definition updates\{9caf96e3-ac54-4996-a35e-3d646d97dca8}\mpengine.dll

Digital Signature
Authority:
Microsoft Corporation

Valid from:
4/22/2014 10:39:00 AM

Valid to:
7/22/2015 10:39:00 AM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
33000000CA6CD5321235C4E1550001000000CA

File PE Metadata
Compilation timestamp:
4/30/2014 4:15:16 PM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
11.0

CTPH (ssdeep):
98304:6mWFhqd9DaJudpyaB1ofZVkJ/8Hh+MKisk4vfWKG7Wia2W/yXgh8V:6tFhqba+B1GkJ/7isk42KGJaaCC

Entry address:
0x2D5608

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 0F, 84, 71, 2B, FC, FF, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, EB, 03, CC, 90, 90, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 81, EC, 40, 01, 00, 00, 8B, FA, 4C, 8B, F1, BE, 01, 00, 00, 00, 8B, DE, 89, 5C, 24, 20, 3B, D6, 77, 06, 89, 15, A5, DE, 66, 00, 85, D2, 75, 13, 39, 15, D7, ED, 66, 00, 75, 0B, 33...
 
[+]

Entropy:
6.2405

Code size:
9 MB (9,488,896 bytes)