home

nbfdenc.sys

SECUDE FDE

SECUDE International AG

It runs as a Windows 64-bit kernel mode device driver named “nbfdenc”.
Publisher:
SECUDE AG  (signed by SECUDE International AG)

Product:
SECUDE FDE

Description:
SECUDE FDE Encryption Driver

Version:
9.5.0.9

MD5:
79c144055a418909ab953276140fac17

SHA-1:
51f36fd0a3c747d4740940cf0d6a61779c397976

SHA-256:
db7d1785881f9afddd79df12d6c9ba811ac0554673802b0a66b9abb862016e6b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 10:43:31 PM UTC  (today)

File size:
84.1 KB (86,104 bytes)

Product version:
9.5

Copyright:
Copyright © 2004 - 2010 SECUDE AG.

Trademarks:
SECUDE(tm) by SECUDE AG.

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\nbfdenc.sys

Digital Signature
Signed by:
SECUDE International AG

Authority:
VeriSign, Inc.

Valid from:
5/18/2010 2:00:00 AM

Valid to:
5/24/2013 1:59:59 AM

Subject:
CN=SECUDE International AG, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SECUDE International AG, L=Emmetten, S=Nidwalden, C=CH

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
302EC345B6A732DB960AEE6B36F64C52

File PE Metadata
Compilation timestamp:
1/17/2011 6:02:56 PM

OS version:
5.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
10.0

CTPH (ssdeep):
1536:g5nXY4atOjBss5KNBRVjMlkYu9abDxee2cnxrORAAi8CkDAPm:gXY4vjBss5KNB3MlNu4b12QKRjB8Pm

Entry address:
0x18000

Entry point:
48, 89, 54, 24, 10, 48, 89, 4C, 24, 08, 48, 83, EC, 38, E8, DD, B4, FE, FF, 48, 8B, 44, 24, 40, 48, 89, 05, 11, BC, FF, FF, C7, 44, 24, 24, 00, 00, 00, 00, 48, 8B, 44, 24, 40, 48, 83, C0, 70, 48, 89, 44, 24, 28, EB, 18, 8B, 44, 24, 24, FF, C0, 89, 44, 24, 24, 48, 8B, 44, 24, 28, 48, 83, C0, 08, 48, 89, 44, 24, 28, 83, 7C, 24, 24, 1B, 77, 11, 48, 8B, 44, 24, 28, 48, 8D, 0D, 5E, B3, FE, FF, 48, 89, 08, EB, D0, E8, 34, 92, FE, FF, 85, C0, 74, 14, 48, 8B, 44, 24, 40, 48, 8B, 40, 30, 48, 8D, 0D, 80, 94, FE, FF...
 
[+]

Code size:
65 KB (66,560 bytes)

Driver
Display name:
nbfdenc

Type:
Kernel device driver (KernelDriver)

Group:
Filter


Scan nbfdenc.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.