home

SbieDrv.sys

Sandboxie

SANDBOXIE L.T.D

It runs as a Windows 64-bit kernel mode device driver named “SbieDrv”.
Publisher:
SANDBOXIE L.T.D  (signed and verified)

Product:
Sandboxie

Description:
Sandboxie Kernel Mode Driver

Version:
3.72

MD5:
67c3a9a677c44bf22ffa7facd518120c

SHA-1:
d4b95770cd0d03735e3a98ab24976b2a96e1d31d

SHA-256:
9ae36ac46d2bdb9f066c3d205249692d05ed74b8a3f51739b684132893a0600b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 11:47:42 PM UTC  (a few moments ago)

File size:
162.7 KB (166,576 bytes)

Product version:
3.72

Copyright:
Copyright © 2004-2012 by Ronen Tzur

Original file name:
SbieDrv.sys

File type:
Driver (Win64 SYS)

Common path:
C:\Program Files\sandboxie\sbiedrv.sys

Digital Signature
Signed by:
SANDBOXIE L.T.D

Authority:
GlobalSign nv-sa

Valid from:
10/28/2010 1:34:15 PM

Valid to:
2/4/2013 6:10:10 PM

Subject:
CN=SANDBOXIE L.T.D, O=SANDBOXIE L.T.D, L=Holon, S=Israel, C=IL

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012BF299E10C

File PE Metadata
Compilation timestamp:
6/17/2012 10:51:48 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
3072:LT3Q2WZe0WpxJp4rdVHM26tkzDAT5+XoMOW0M:wfe0WpxP4jitkzmhZM

Entry address:
0x27448

Entry point:
48, 53, 57, 48, 83, EC, 28, 48, 89, 0D, CA, BF, FF, FF, 48, 8B, FA, 48, C7, 41, 68, 00, 00, 00, 00, 48, 8D, 0D, A8, BF, FF, FF, 48, 8D, 15, 51, 10, 00, 00, FF, 15, E3, 7B, FF, FF, E8, C6, F9, FF, FF, 84, C0, 8A, D8, 0F, 84, 10, 01, 00, 00, E8, 67, 36, FE, FF, 48, 85, C0, 48, 89, 05, FD, BC, FF, FF, 75, 11, 45, 33, C0, 33, D2, B9, 50, 04, 01, C1, E8, 38, 60, FE, FF, 32, DB, 84, DB, 0F, 84, E6, 00, 00, 00, E8, 0D, B3, FE, FF, 84, C0, 8A, D8, 0F, 84, D7, 00, 00, 00, 48, 8B, 57, 08, 48, 8B, 0D, C8, BC, FF, FF...
 
[+]

Code size:
132.5 KB (135,680 bytes)

Driver
Display name:
SbieDrv

Type:
Kernel device driver (KernelDriver)


Scan SbieDrv.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.