» SBAMTray.exe
Overview
Analysis
File Details
Behaviors (1)

SBAMTray.exe

VIPRE Advanced Security

ThreatTrack Security, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘SBAMTray’.

File name:

SBAMTray.exe

Publisher:

ThreatTrack Security Inc. (signed by ThreatTrack Security, Inc.)

Product:

VIPRE Advanced Security

Description:

SBAMTray Application

Version:

10.1.1.29

MD5:

d5b7be4e3cd5c965fd01f0b3c0f287cf

SHA-1:

7b752b24a9b5f6da1b456c671d6717b1798ad279

SHA-256:

306b3a59d57b5ffebd745188510d8d06c068e17b93a3ac4a49b279432d284ac5

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/24/2024 4:07:13 PM UTC (today)

File size:

3.2 MB (3,319,800 bytes)

Product version:

10.1.1.29

Original file name:

SBAMTray.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\vipre\sbamtray.exe

Digital Signature

Signed by:

ThreatTrack Security, Inc.

Authority:

DigiCert Inc

Valid from:

10/5/2015 7:00:00 PM

Valid to:

8/24/2017 7:00:00 AM

Subject:

CN="ThreatTrack Security, Inc.", O="ThreatTrack Security, Inc.", L=CLEARWATER, S=FL, C=US

Issuer:

CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0E35B17E146412E15BE961ED50BCA2B8

File PE Metadata

Compilation timestamp:

3/9/2017 4:17:15 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

14.0

Entry address:

0x1CC216

Entry point:

E8, 69, 0C, 00, 00, E9, 8E, FE, FF, FF, 3B, 0D, 04, 92, 6A, 00, F2, 75, 02, F2, C3, F2, E9, FD, 05, 00, 00, 55, 8B, EC, F6, 45, 08, 01, 56, 8B, F1, C7, 06, 54, 58, 64, 00, 74, 0A, 6A, 0C, 56, E8, 09, 00, 00, 00, 59, 59, 8B, C6, 5E, 5D, C2, 04, 00, 55, 8B, EC, FF, 75, 08, E8, 23, EB, EB, FF, 59, 5D, C3, 55, 8B, EC, A1, 04, 92, 6A, 00, 83, E0, 1F, 6A, 20, 59, 2B, C8, 8B, 45, 08, D3, C8, 33, 05, 04, 92, 6A, 00, 5D, C3, 55, 8B, EC, 8B, 45, 08, 56, 8B, 48, 3C, 03, C8, 0F, B7, 41, 14, 8D, 51, 18, 03, D0, 0F, B7... 
[+]

Entropy:

6.4017

Code size:

2.1 MB (2,189,824 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

SBAMTray

Command:

"C:\Program Files\vipre\sbamtray.exe"

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.