home

sbmpf.sys

SystemBase Co., Ltd

It runs as a Windows kernel mode device driver named “Filter driver for Multiport 1.6685.01.002 11,08,2010”.
Publisher:
SystemBase Co., Ltd.  (signed by SystemBase Co., Ltd)

Description:
PCI bridge Filter Driver

Version:
1,6685,01,001 built by: WinDDK

MD5:
2d2238f4a589df4ac6bbd45a4cd7c2b2

SHA-1:
0ca52e26f3a9e4f368509c931c009f4b0c2c7ba5

SHA-256:
3a4da86342ab3f7b35777eefa8ec8ea4499c86413e0cd934b611b63e9360804f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 5:01:03 PM UTC  (today)

File size:
13.3 KB (13,632 bytes)

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\sbmpf.sys

Digital Signature
Signed by:
SystemBase Co., Ltd

Authority:
VeriSign, Inc.

Valid from:
10/6/2010 9:00:00 PM

Valid to:
10/7/2011 8:59:59 PM

Subject:
CN="SystemBase Co., Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="SystemBase Co., Ltd", L=Guro-gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4818322536C703C6B2BEA310A7D164CA

File PE Metadata
Compilation timestamp:
11/29/2010 10:17:22 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
192:x59jCxEXQeeO4uCyowJL/1jXAV+ebCfzQpkqs1IRVg3:x5NvC/JYJL17KbCf1Qg

Entry address:
0x50CC

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 34, FF, FF, FF, 04, 51, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 53, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 58, 51, 00, 00, 74, 51, 00, 00, 86, 51, 00, 00, A4, 51, 00, 00, B6, 51, 00, 00, C4, 51, 00, 00, D4, 51, 00, 00, EC, 51, 00, 00, 02, 52, 00, 00, 1A, 52, 00, 00, 2C, 52, 00, 00, 4C, 52, 00, 00, 60, 52, 00, 00, 78, 52, 00, 00, 8C, 52, 00, 00, A4, 52, 00, 00, AE, 52, 00, 00, CE, 52, 00, 00...
 
[+]

Code size:
4.5 KB (4,608 bytes)

Driver
Display name:
Filter driver for Multiport 1.6685.01.002 11,08,2010

Service name:
sbmpf

Type:
Kernel device driver (KernelDriver)

Group:
PNP Filter


Scan sbmpf.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.