» SBAMTray.exe
Overview
Analysis
File Details
Behaviors (1)

SBAMTray.exe

VIPRE Internet Security

ThreatTrack Security, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘SBAMTray’.

File name:

SBAMTray.exe

Publisher:

ThreatTrack Security Inc. (signed by ThreatTrack Security, Inc.)

Product:

VIPRE Internet Security

Description:

SBAMTray Application

Version:

9.3.6.3

MD5:

38f3a3b503bd6326f909366bf90d572c

SHA-1:

7982139c5ebd36ebc2f5bcb8575e4da66cca636d

SHA-256:

8744f54e938ab5001ae5c74436c6bdafba455fb0f5b2a531fcfd30f1ba42629d

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/5/2024 7:05:42 AM UTC (today)

File size:

2.9 MB (3,020,816 bytes)

Product version:

9.3.6.3

Original file name:

SBAMTray.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\vipre\sbamtray.exe

Digital Signature

Signed by:

ThreatTrack Security, Inc.

Authority:

DigiCert Inc

Valid from:

10/5/2015 8:00:00 PM

Valid to:

8/24/2017 8:00:00 AM

Subject:

CN="ThreatTrack Security, Inc.", O="ThreatTrack Security, Inc.", L=CLEARWATER, S=FL, C=US

Issuer:

CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0E35B17E146412E15BE961ED50BCA2B8

File PE Metadata

Compilation timestamp:

8/9/2016 9:39:06 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

Entry address:

0x1AC225

Entry point:

E8, F1, B4, 00, 00, E9, 7F, FE, FF, FF, 3B, 0D, 10, C6, 67, 00, 75, 02, F3, C3, E9, ED, 35, 00, 00, 51, C7, 01, 1C, E2, 61, 00, E8, E2, BA, 00, 00, 59, C3, 55, 8B, EC, 8D, 41, 09, 50, 8B, 45, 08, 83, C0, 09, 50, E8, 41, BA, 00, 00, F7, D8, 59, 1B, C0, 59, 40, 5D, C2, 04, 00, 55, 8B, EC, 56, 8B, F1, E8, C9, FF, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, 8B, B4, ED, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 55, 8B, EC, 56, 8B, 75, 14, 85, F6, 75, 04, 33, C0, EB, 6D, 8B, 45, 08, 85, C0, 75, 13, E8, AE, 67, 00, 00, 6A... 
[+]

Entropy:

6.4191

Code size:

1.9 MB (2,029,056 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

SBAMTray

Command:

"C:\Program Files\vipre\sbamtray.exe"

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.