» drivebenderservice.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

drivebenderservice.exe

Drive Bender

Division-M Pty Ltd

It runs as a separate (within the context of its own process) windows Service named “Drive Bender Service”. This file is installed with the program Drive Bender.

File name:

Publisher:

Division-M (signed by Division-M Pty Ltd)

Product:

Drive Bender

Description:

Drive Bender Service

Version:

1.9.5.1

MD5:

413345813f518cc23b8ab8fe34ad6168

SHA-1:

8cdda351a0e307a18cb19a798b4f44319242bc54

SHA-256:

35943c64e5237848eaa95ce26a63a1dc59cc705e4563088c7e19a3b4af0a7972

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/25/2024 6:17:53 PM UTC (today)

Scan engine

Detection

Engine version

Rising Antivirus

PE:Malware.InstallMonstr!6.38

23.00.65.14313

File size:

6.1 MB (6,431,344 bytes)

Product version:

1.8.0.0

Trademarks:

Original file name:

DriveBenderService

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\division-m\drive bender\drivebenderservice.exe

Digital Signature

Signed by:

Division-M Pty Ltd

Authority:

GlobalSign nv-sa

Valid from:

7/16/2013 9:34:46 PM

Valid to:

9/6/2014 1:07:43 AM

Subject:

CN=Division-M Pty Ltd, O=Division-M Pty Ltd, L=Mosman, S=NSW, C=AU

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11212268DE5C0632D237C9129F587040A40B

File PE Metadata

Compilation timestamp:

9/30/2013 6:00:38 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:wWcGPi2ivw112gl0P+gOV0bzRsoYLyQ7aumx4ZAin6gnT:aGPi2iuZl0Ggmromb704ln6oT

Entry address:

0x5238E4

Entry point:

55, 8B, EC, 83, C4, F0, 53, B8, 84, DB, 90, 00, E8, 63, BE, AE, FF, A1, 30, 8D, 95, 00, 8B, 00, 8B, 10, FF, 52, 44, 8B, 0D, 00, 8F, 95, 00, A1, 30, 8D, 95, 00, 8B, 00, 8B, 15, B4, 87, 8A, 00, 8B, 18, FF, 53, 40, A1, 30, 8D, 95, 00, 8B, 00, 8B, 10, FF, 52, 48, 5B, E8, 01, 64, AE, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

5.1 MB (5,381,120 bytes)

Service

Display name:

Drive Bender Service

Service name:

DriveBender

Description:

Drive Bender System Service

Type:

Win32OwnProcess

The file drivebenderservice.exe has been discovered within the following program.

Drive Bender by Division-M

www.drivebender.com

About 5% of users remove it

Scan drivebenderservice.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.