» sentinelmonitor.sys
Overview
Analysis
File Details
Behaviors (1)

sentinelmonitor.sys

Sentinel Agent

Sentinel Labs, Inc.

It runs as a Windows file system device driver named “SentinelMonitor”.

File name:

sentinelmonitor.sys

Publisher:

SentinelOne, Inc. (signed by Sentinel Labs, Inc.)

Product:

Sentinel Agent

Description:

SentinelOne Kernel Monitor

Version:

1.6.2008.0

MD5:

eff71d3c4e503bfc5353b91b72776517

SHA-1:

cba2b3acd0f6f37c702d13dbca317d9ad03fe1d3

SHA-256:

d5c94d7cf0a04855473e5974f28dadeb7e570f065ceaf1963c641b2f8a27fd42

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

11/23/2024 5:06:51 PM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Evo-gen [Susp]

151004-0

File size:

175.4 KB (179,656 bytes)

Product version:

1.6.2008.0

SentinelOne, Inc.

Original file name:

SentinelAgent.exe

File type:

Driver (Win32 SYS)

Language:

English (United States)

Common path:

C:\Program Files\sentinelone\sentinel agent 1.6.2008.0\sentinelmonitor.sys

Digital Signature

Signed by:

Sentinel Labs, Inc.

Authority:

DigiCert Inc

Valid from:

7/5/2015 3:00:00 AM

Valid to:

12/30/2015 2:00:00 PM

Subject:

CN="Sentinel Labs, Inc.", O="Sentinel Labs, Inc.", L=Palo Alto, S=California, C=US, PostalCode=94306, STREET=2500 El Camino Real, SERIALNUMBER=5278570, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization

Issuer:

CN=DigiCert EV Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

03292AD5BA34EFCC86534C31F725BB85

File PE Metadata

Compilation timestamp:

11/10/2015 1:47:03 PM

OS version:

6.3

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

12.0

CTPH (ssdeep):

3072:1bK+mu7AVLbROWJOOW99OWxVjJN2LVV0LyON5Zh:rPMVLuIhON5r

Entry address:

0x27000

Entry point:

8B, FF, 55, 8B, EC, E8, 06, 00, 00, 00, 5D, E9, 4C, 56, FF, FF, 8B, FF, 55, 8B, EC, 51, 51, A1, 00, 61, 40, 00, B9, 4E, E6, 40, BB, 85, C0, 74, 04, 3B, C1, 75, 18, 0F, 31, 35, 00, 61, 40, 00, 89, 55, FC, A3, 00, 61, 40, 00, 75, 07, 8B, C1, A3, 00, 61, 40, 00, F7, D0, A3, FC, 60, 40, 00, 8B, E5, 5D, C3, B0, 70, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 32, 75, 02, 00, 04, 50, 00, 00, 18, 71, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, CA, 75, 02, 00, 6C, 50, 00, 00, 34, 71, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.9793

Code size:

60 KB (61,440 bytes)

Driver

Display name:

SentinelMonitor

Description:

Sentinel Driver 1.6.2008.0

Type:

File system 'filter' driver (FileSystemDriver)

Depends on:

FltMgr

Scan sentinelmonitor.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.