home

DrivveImageService.exe

Drivve|Image

Drivve GmbH & Co.KG

It runs as a separate (within the context of its own process) windows Service named “DrivveImage”.
Publisher:
Drivve LLC  (signed by Drivve GmbH & Co.KG)

Product:
Drivve|Image

Version:
4.02.0113

MD5:
643fb9e8584d72fb6d57f75e20b12e39

SHA-1:
44396ffea4f8a5f4b76102e7a9f91f9e59442057

SHA-256:
c4cf76dd82525d5bddf6becbb4896930c30c5d8c013cbe84442dce65ea79bf3b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 12:39:34 PM UTC  (today)

File size:
4.6 MB (4,866,360 bytes)

Product version:
4.02.0113

Copyright:
© 2000-2009 Drivve LLC

Original file name:
DrivveImageService.exe

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Common path:
C:\Program Files\drivve\drivve image\drivveimageservice.exe

Digital Signature
Signed by:
Drivve GmbH & Co.KG

Authority:
The USERTRUST Network

Valid from:
3/2/2009 6:00:00 PM

Valid to:
3/2/2012 5:59:59 PM

Subject:
CN=Drivve GmbH & Co.KG, O=Drivve GmbH & Co.KG, STREET=Lambertstrasse 8, L=Mainz, S=RLP, PostalCode=55128, C=DE

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
066D9446FFB601B695E7F0998EF6A895

File PE Metadata
Compilation timestamp:
6/27/2011 4:44:58 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:9KdR7zdgDz/ILKvE+qKGt+gMnDqmKfC8q/O2tO/pFgkSrePMMFpGk0VqBdVzSq/1:E4IL8xSuoiDLmEdl9z802e7BT+CLO

Entry address:
0x43BA8

Entry point:
68, AC, 41, 44, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 60, 00, 00, 00, 48, 00, 00, 00, D2, 6D, 56, 0C, 19, 25, BB, 4B, 87, 69, 2B, 14, F6, 42, A4, 83, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 32, 2D, 41, 39, 46, 43, 44, 72, 69, 76, 76, 65, 4F, 53, 41, 53, 65, 72, 76, 69, 63, 65, 00, 30, 23, 30, 22, 3B, 20, 22, 44, 72, 69, 76, 76, 65, 20, 49, 6D, 61, 67, 65, 20, 53, 65, 72, 76, 69, 63, 65, 00, 20, 3D, 20, 00, 00, 00, 00, 01, 00, 41, 00, 54, 8A, 47, 00, 00, 00, 00, 00, FF, FF, FF, FF...
 
[+]

Entropy:
5.9260

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
4.6 MB (4,849,664 bytes)

Service
Display name:
DrivveImage

Type:
Win32OwnProcess


Scan DrivveImageService.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.