home

ndiskfd.sys

Windows Packet Filter Kit

Phoenix Soft Corp Limited

It runs as a Windows kernel mode device driver named “Network Filter Driver”.
Publisher:
Phoenix Soft Corp Limited  (signed and verified)

Product:
Windows Packet Filter Kit

Description:
Network packet filter driver

Version:
3.0.8.1

MD5:
4ef7804d00b9b02b225a99debb2f03cd

SHA-1:
3c3c8281b29bc92bd9421ab415066f19cd7adc83

SHA-256:
e396f66a46f200570a8c7077b728664b700a9c09aa4e17abea40cc6a9801a4ba

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 7:01:45 PM UTC  (today)

File size:
27.3 KB (27,904 bytes)

Product version:
3.0.8.1

Copyright:
Copyright © 2000-2011

Original file name:
ndiskfd.sys

File type:
Driver (Win32 SYS)

Language:
Language Neutral

Common path:
C:\Windows\System32\drivers\ndiskfd.sys

Digital Signature
Signed by:
Phoenix Soft Corp Limited

Authority:
GlobalSign nv-sa

Valid from:
7/4/2011 6:01:42 PM

Valid to:
7/4/2014 6:01:42 PM

Subject:
CN=Phoenix Soft Corp Limited, O=Phoenix Soft Corp Limited, L=London, S=England, C=GB

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112107EFA7B63EDB0633D80529571795075A

File PE Metadata
Compilation timestamp:
3/16/2011 5:30:52 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
768:85ym1XJw99Mlka5gHaBv+9FHDq7MyTlEib:MymFJw949xQ9JDqH6ib

Entry address:
0x72D7

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 1F, FD, FF, FF, CC, 53, 00, 74, 00, 61, 00, 72, 00, 74, 00, 75, 00, 70, 00, 4D, 00, 6F, 00, 64, 00, 65, 00, 00, 00, 4D, 00, 54, 00, 55, 00, 44, 00, 65, 00, 63, 00, 72, 00, 65, 00, 6D, 00, 65, 00, 6E, 00, 74, 00, 00, 00, 50, 00, 61, 00, 72, 00, 61, 00, 6D, 00, 65, 00, 74, 00, 65, 00, 72, 00, 73, 00, 00, 00, 4E, 00, 44, 00, 49, 00, 53, 00, 4B, 00, 46, 00, 44, 00, 00, 00, 48, 74, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, D8, 75, 00, 00, B8, 50, 00, 00, 90, 73, 00...
 
[+]

Entropy:
6.2858

Code size:
18 KB (18,432 bytes)

Driver
Display name:
Network Filter Driver

Service name:
ndiskfd

Type:
Kernel device driver (KernelDriver)


Scan ndiskfd.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.