» TeeDriver.sys
Overview
Analysis
File Details

TeeDriver.sys

Intel Management Engine Interface

Intel Corporation

File name:

TeeDriver.sys

Publisher:

Intel Corporation (signed and verified)

Product:

Intel(R) Management Engine Interface

Version:

10.0.0.1012

MD5:

52d06207d1253b17bc095775c9868031

SHA-1:

cb09b13c9c1258f8107b6cbf6cb16fb67e94f6d4

SHA-256:

232687b2e3c005d12cb84a5310550ef4b681e876c3b4471ac4ccbd27f1a96618

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/24/2024 3:48:51 PM UTC (today)

File size:

91.5 KB (93,656 bytes)

Product version:

10.0.0.1012

Original file name:

TeeDriver.sys

File type:

Driver (Win32 SYS)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\x86\teedriver.sys

Digital Signature

Signed by:

Intel Corporation

Authority:

Intel Corporation

Valid from:

8/1/2012 6:27:23 PM

Valid to:

5/15/2015 3:35:13 PM

Subject:

CN=Intel Corporation - Intel® Management Engine Firmware, OU=Intel Architecture Group, O=Intel Corporation

Issuer:

CN=Intel External Basic Issuing CA 3A, O=Intel Corporation, C=US

Serial number:

1701CEEB000100009028

File PE Metadata

Compilation timestamp:

11/5/2013 10:26:47 AM

OS version:

6.2

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

11.0

CTPH (ssdeep):

1536:4Z1MP84TMTu9xWMg01LU44bHD9JKsPOVUc:GGP84TFT1LuP9JKsG

Entry address:

0x102A8

Entry point:

8B, FF, 55, 8B, EC, E8, F8, 4E, 00, 00, 5D, E9, 1C, FF, FF, FF, CC, CC, CC, CC, CC, CC, E8, 31, 00, 00, 00, C2, 08, 00, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, A1, C4, 27, 41, 00, 85, C0, 74, 0C, 3D, CC, 02, 41, 00, 74, 05, FF, 75, 08, FF, D0, E8, 09, 00, 00, 00, 5D, C2, 04, 00, CC, CC, CC, CC, CC, 8B, FF, 56, BE, 98, 20, 41, 00, 56, E8, 6C, 00, 00, 00, FF, 35, C8, 27, 41, 00, 56, 68, E0, 29, 41, 00, E8, 23, 01, 00, 00, 5E, C3, CC, CC, CC, CC, CC, 8B, FF, 57, B8, C8, 20, 41, 00, BF, D0, 20, 41, 00, 3B... 
[+]

Entropy:

6.5493

Code size:

71 KB (72,704 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.