cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
bretzeli
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 1 of 6

MCAFEE ENS 10.7 NOV HASH certificate strange entry from Mcafee trust itself?

Hello,

We have a injector in ENS where we don't know wy it's there and if it's from Mcafee?

This is rather strange question:

a) If the Certificate is from MCAFEE why does it appear there? 

b) Is it from Mcafee can anybody confirm this?

c) Is it a bug that it appears there?

d) Is it fake an malware?

 

> We know what the functions does and how to use it

 

Details as text from above screenshot:


McAfee, Inc.

C=US, S=California, L=Santa Clara, O="McAfee, Inc.", OU=Engineering, CN="McAfee, Inc."

E4A6C96859143A6042FE9211B3EAD2964DC459AFB07210DF55E8A80727651

 

mcafee002_2020-11-17 16_00_21-Window.png

mcafee001_2020-11-17 16_00_21-Window.png

 

5 Replies
AjaySundar
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 6

Re: MCAFEE ENS 10.7 NOV HASH certificate strange entry from Mcafee trust itself?

Hi @bretzeli ,

Good day to you!

I checked the hash against the known database and couldn't find much information as to which file it belongs to.

We would request you to open an SR with the support team to get this checked further.

Thanks,

AJ

bretzeli
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 3 of 6

Re: MCAFEE ENS 10.7 NOV HASH certificate strange entry from Mcafee trust itself?

Should it IN any case appear even there? We have never seen this in ENS there from Mcafee itself?

Thank you

 

bretzeli
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 4 of 6

Re: MCAFEE ENS 10.7 NOV HASH certificate strange entry from Mcafee trust itself?

Could you please check again if you find something? Ther Cert appears under follwing SQL table from EPO 5.9.1

EPCertificateMT

AutoId Vendor Subject Hash Cert EpoCert


A58811B9-29F3-EA11-901F-0050568174D0 McAfee, Inc. C=US, S=California, L=Santa Clara, O="McAfee, Inc.", OU=Engineering, CN="McAfee, Inc."

E4A6C96859143A6042FE9211B3EAD2964DC459AFB07210DF55E8A80727651

IAAAAAEAAADyBAAAMIIE7jCCA9agAwIBAgIMMDAjJILqaajoaUvLMA0GCSqGSIb3DQEBBQUAMFExCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMScwJQYDVQQDEx5HbG9iYWxTaWduIENvZGVTaWduaW5nIENBIC0gRzMwHhcNMTkwNzEyMTkyODE2WhcNMjIwNzEyMTg1ODM1WjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEUMBIGA1UEBxMLU2FudGEgQ2xhcmExFTATBgNVBAoTDE1jQWZlZSwgSW5jLjEUMBIGA1UECxMLRW5naW5lZXJpbmcxFTATBgNVBAMTDE1jQWZlZSwgSW5jLjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPNMmLycv6DyoMMzYJsWunzgaZZVrMQo/grUn9J0+6mJYU35o8Lz5y1ME3roT+cVeIMZaHsK+mSuwiFNkJhD7O1ZgrOSnxFk81mSPaWPFTA3GdSuKnbSGW5W86y6FIhDvevcHcBJ3f14p5rXL1+JfC7go4MQ+l5nCqWf9/7Q32KyEXWUZCPAsCDNATflMtOqAv/QTziEYG91rnU5226WNpv/SKrFLNBpDUpq0QMP3XGJ8aMc1JVbcQQnvJazdvzAskAVZFWXkkmvM03VXeA+HQteb/GfZlaILjDmyykSLdSRduOClETyC4x1xVm1e5WAW10lvplm/u3s7LWGJ4cfxckCAwEAAaOCAZkwggGVMA4GA1UdDwEB/wQEAwIHgDCBigYIKwYBBQUHAQEEfjB8MEQGCCsGAQUFBzAChjhodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2NvZGVzaWduZzNvY3NwLmNydDA0BggrBgEFBQcwAYYoaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzY29kZXNpZ25nMzBWBgNVHSAETzBNMEEGCSsGAQQBoDIBMjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBBAEwCQYDVR0TBAIwADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL2dzL2dzY29kZXNpZ25nMy5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwMwHwYDVR0jBBgwFoAUs9Pm1XFWfTlYs3jSK7j3oR/9S5swHQYDVR0OBBYEFKClkUk5XYwevb40OKCG4ZWvDAquMA0GCSqGSIb3DQEBBQUAA4IBAQCBQYKu+rERo7xtJG1uuBIT6WKP6DFQbvM8N8IVqgcv9LbN/ue7fxCGSntS2l/KTgg5DoqvrJLCZN7bO2fD9cT7brQwM5kIeTX9yv0UguxdODNQy+9AZdpga4jHyzby4xI1S3cFRceYyhUD1c++zJxmqLHJ/qLtl2nhnq4E9id6eOiU6L9PKhsLg49EXVygQAwcULM+F8xJ6Mq7QHLhYOAT+zEaWkWvUyMK6Dwa0YYCStAQkTrG21q7/0MuVMDOpRS1hcxSLRdSA9dPcFYEUAEZu07/B+94sqh4IzBrLqfBuKG48s3awJ3ZokJqfkj7dFrgBi4eNka3Hs2FaX0LrhXI NULL

 

 

Re: MCAFEE ENS 10.7 NOV HASH certificate strange entry from Mcafee trust itself?

Hello,

 

Same behaviour there with 3 related Mcafee stuff:

 

 
McAfeeSysPrep
CN=McAfeeSysPrep
D2E0635BF051B1F129BEB5957181932A220283E36AD1A66C4E52861B7D165DC
 
McAfee, Inc.
C=US, S=California, L=Santa Clara, O="McAfee, Inc.", OU=Engineering, CN="McAfee, Inc."
E4A6C96859143A6042FE9211B3EAD2964DC459AFB07210DF55E8A80727651
 
McAfee, Inc.
C=US, S=California, L=Santa Clara, O="McAfee, Inc.", OU=Engineering, CN="McAfee, Inc."
502955B8FE3BC13AE1BFD7F3ACA0ECB42C3CE7A1639EF2A46F0FDC2A198CAF9
mlajoie
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 6 of 6

Re: MCAFEE ENS 10.7 NOV HASH certificate strange entry from Mcafee trust itself?

same:
McAfee, Inc. C=US, S=California, L=Santa Clara, O="McAfee, Inc.", OU=Engineering, CN="McAfee, Inc." 502955B8FE3BC13AE1BFD7F3ACA0ECB42C3CE7A1639EF2A46F0FDC2A198CAF9

McAfee, Inc. C=US, S=California, L=Santa Clara, O="McAfee, Inc.", OU=Engineering, CN="McAfee, Inc." E4A6C96859143A6042FE9211B3EAD2964DC459AFB07210DF55E8A80727651

McAfee, Inc. C=US, PostalCode=95054, S=California, L=Santa Clara, STREET=2821 Mission College Blvd, O="McAfee, Inc.", OU=Engineering, CN="McAfee, Inc." 9F18394A24D04364FA39248CB6EC563A73EF72524C2E0B576A8AA94EB879ACB
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community