Gridinsoft Logo

The bfsvc.exe (Boot File Servicing Utility) File Analysis

Updated 1 year ago
Checked by Malware Check
bfsvc.exe

Technical Analysis

File Name bfsvc.exe
File Type
PE32+ executable (console) x86-64, for MS Windows
Scanner Version 1.0.170.174
Database Version 2024-04-03 21:00:44 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
87,040
File Size (bytes)
2024-04-03
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
25ae86d9e014e71c3cc7acee4d759f19
SHA1
16544928a97ae3eb2595de1d635b3fbfae7fa3c7
SHA256
e20691a83203d50e07185b8810fadc3d120a53343255f173d51b4082c3d75806
SHA512
43c76a3d30fa59210544354a24970af316f764abcf53b63aa9009c556d964818d8a2c1949b016e9bed656093430c1f1cef48cbd8f60331fdff7e986a6fddf3e5
ImpHash
8e4abc6268ae75f01a2b55e3657c4d2b

PE Analysis

Basic Information

Image Base 0x140000000
Entry Point 0x14000ca50
Compilation Time 2049-04-24 20:46:01
Checksum 0x00018372 (Actual: 0x00018372)
OS Version 10.0
PEiD Signatures PE32+ executable (console) x86-64, for MS Windows
PDB Path bfsvc.pdb
Digital Signature The PE file does not contain a certificate table.
Imports 8 libraries
ADVAPI32, KERNEL32, msvcrt, RPCRT4, imagehlp, SHELL32, SHLWAPI, ntdll
Exports 0 functions
Resources 3 Resources
Sections 6 Sections

Version Information

CompanyName Microsoft Corporation
FileDescription Boot File Servicing Utility
FileVersion 10.0.19041.3636 (WinBuild.160101.0800)
InternalName bfsvc.exe
LegalCopyright © Microsoft Corporation. All rights reserved.
OriginalFilename bfsvc.exe
ProductName Microsoft® Windows® Operating System
ProductVersion 10.0.19041.3636
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 49,744 bytes 50,176 bytes 6.10 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 2636C33F767C237B6CB590289788059C
.rdata 0x0000e000 30,386 bytes 30,720 bytes 4.14 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ C1C04F1AD82022E8C1368C6C2B36564B
.data 0x00016000 1,912 bytes 512 bytes 0.68 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE C93EE4A30B7A68908C162407D058A4C5
.pdata 0x00017000 1,524 bytes 1,536 bytes 4.78 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 4340392739DFC1BABFF4A8E5B6342B35
.rsrc 0x00018000 2,072 bytes 2,560 bytes 3.76 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 18461F6BBAD387C18476A095AEC369F0
.reloc 0x00019000 60 bytes 512 bytes 0.73 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ B3410B4746EEC9FA83F89E54B89E0358

Resource Analysis

Total Resources: 3 (1,822 bytes)
Resource Type Count Total Size Percentage
MUI 1 200 bytes
11%
RT_VERSION 1 924 bytes
50.7%
RT_MANIFEST 1 698 bytes
38.3%

Certificate Chain Analysis

Certificate Information
Product Microsoft® Windows® Operating System
Description Boot File Servicing Utility
File Version 10.0.19041.3636 (WinBuild.160101.0800)
Original Name bfsvc.exe
Internal Name bfsvc.exe
Copyright © Microsoft Corporation. All rights reserved.

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

The PE file does not contain a certificate table.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware