» cbfs3.sys
Overview
Analysis
File Details
Behaviors (1)

cbfs3.sys

Drive Bender

Division-M Pty Ltd

It runs as a Windows 64-bit kernel mode device driver named “Drive Bender CallbackFS driver v3”.

File name:

cbfs3.sys

Publisher:

Division-M Pty Ltd (signed and verified)

Product:

Drive Bender

Description:

Drive Bender File System Driver

Version:

3.2.108.373

MD5:

c5c32b8f5823ab87101edf8d091f75f3

SHA-1:

a8410eb55ac62c94521b62ef9ddd7c3d5af88ed2

SHA-256:

28c1d1074d0f34d2a8baaa7f39b7704d94b2d6bfd6b64b8b49107e4ff0bc275d

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/20/2024 9:03:34 AM UTC (today)

File size:

341.5 KB (349,656 bytes)

Product version:

1.3.0.6

Original file name:

cbfs3.sys

File type:

Driver (Win64 SYS)

Language:

Language Neutral

Common path:

C:\Windows\System32\drivers\cbfs3.sys

Digital Signature

Signed by:

Division-M Pty Ltd

Authority:

GlobalSign nv-sa

Valid from:

7/5/2011 10:07:44 PM

Valid to:

7/5/2012 10:07:44 PM

Subject:

CN=Division-M Pty Ltd, O=Division-M Pty Ltd, L=Mosman, S=NSW, C=AU

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121AD0FFA96908912C7A155DB5332EC14AB

File PE Metadata

Compilation timestamp:

5/8/2012 2:46:06 AM

OS version:

6.1

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

6144:IntkUOlPm3we1yRjWKT3QoQs9MiJFEk0BJfPw1cVp:kF6Pm3thKTgq99IJnwaD

Entry address:

0x5506C

Entry point:

48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 7E, EF, FF, FF, CC, CC, CC, CC, CC, CC, 5C, 00, 44, 00, 65, 00, 76, 00, 69, 00, 63, 00, 65, 00, 5C, 00, 43, 00, 62, 00, 46, 00, 73, 00, 33, 00, 00, 00, CC, CC, CC, CC, 5C, 00, 44, 00, 6F, 00, 73, 00, 44, 00, 65, 00, 76, 00, 69, 00, 63, 00, 65, 00, 73, 00, 5C, 00, 43, 00, 62, 00, 46, 00, 73, 00, 33, 00, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 46, 00, 73, 00, 52, 00, 74, 00, 6C, 00, 52, 00... 
[+]

Entropy:

6.4442

Code size:

256.5 KB (262,656 bytes)

Driver

Display name:

Drive Bender CallbackFS driver v3

Service name:

cbfs3

Type:

Kernel device driver (KernelDriver)

Scan cbfs3.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.