SbieDrv.sys

Sandboxie

NGO

It runs as a Windows kernel-mode device driver named “SbieDrv”.

Publisher:
Sandboxie Holdings, LLC  (signed by NGO)

Product:
Sandboxie

Description:
Sandboxie Kernel Mode Driver

Version:
4.12

MD5:
e2e96140e5e45718fb0df9df1ec9f1bd

SHA-1:
4414ef22829dcfcb18f387fba4e8f19f3409f7b0

SHA-256:
017b9fc52478e409cf8fc033e594fa47c733657c12ed5498764a659283bbf176

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 6:46:52 AM UTC

File size:
149.5 KB (153,088 bytes)

Product version:
4.12

Copyright:
Copyright © 2004-2014 by Sandboxie Holdings, LLC

Original file name:
SbieDrv.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\sandboxie\sbiedrv.sys

Digital Signature
Signed by:

Authority:
NGO

Valid from:
11/11/2013 11:24:17 PM

Valid to:
12/31/2039 3:59:59 PM

Subject:
CN=NGO

Issuer:
CN=NGO

Serial number:
1A4133382A9F19B54E3FF47125B5C787

File PE Metadata
Compilation timestamp:
5/29/2014 11:08:55 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
10.0

CTPH (ssdeep):
3072:wSQ8kesvJLL30m62kp+CirEMtGW+EIjnui2EHFgXE:FQ1dDB6gVtGWRi2EHFn

Entry address:
0x21AA0

Entry point:
55, 8B, EC, 8B, 45, 08, 53, 68, 78, AD, 41, 00, A3, 88, F9, 41, 00, 68, 80, F9, 41, 00, C7, 40, 34, 00, 00, 00, 00, FF, 15, 48, A0, 41, 00, E8, B8, FA, FF, FF, 8A, D8, 84, DB, 0F, 84, 15, 01, 00, 00, E8, 39, A4, FE, FF, A3, 70, F6, 41, 00, 85, C0, 75, 13, 50, 50, 68, 50, 04, 01, C1, E8, 34, F8, FE, FF, 32, DB, E9, F4, 00, 00, 00, E8, E8, 39, FE, FF, 8A, D8, 84, DB, 0F, 84, E5, 00, 00, 00, 8B, 0D, 70, F6, 41, 00, 56, 8B, 75, 0C, 8B, 46, 04, 6A, 01, 50, 51, E8, 98, F8, FE, FF, A3, 8C, F9, 41, 00, 85, C0, 75...
 
Entropy:
6.4462

Developed / compiled with:
Microsoft Visual C++

Code size:
117.5 KB (120,320 bytes)

Driver
Display name:
SbieDrv

Type:
Kernel device driver (KernelDriver)

