home

2TBus.sys

2TDisk

Beijing KaiXin ShengZhou Technology Co., Ltd.

It runs as a Windows 64-bit kernel mode device driver named “2TBus driver”.
Publisher:
Beijing KaiXin ShengZhou Technology Co., Ltd.  (signed and verified)

Product:
2TDisk

Description:
2TDisk virtual disk bus driver

Version:
1, 0, 0, 0

MD5:
9b877dcd1373c025a6b9322ceac28718

SHA-1:
4d06d6ab921a10ef0b4746f08f1b83118406c994

SHA-256:
6030a2255ebea6ded09ae92c4af1e09c761d60ea2d9945215081b3ab5fbc45f4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 5:03:37 AM UTC  (today)

File size:
302.8 KB (310,104 bytes)

Product version:
1, 0, 0, 0

Copyright:
2TDisk Copyright (C) 2010

Original file name:
2TBus.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\2tbus.sys

Digital Signature
Signed by:
Beijing KaiXin ShengZhou Technology Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
6/29/2011 8:00:00 PM

Valid to:
6/29/2012 7:59:59 PM

Subject:
CN="Beijing KaiXin ShengZhou Technology Co., Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Beijing KaiXin ShengZhou Technology Co., Ltd.", L=BeiJing, S=BeiJing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2152A02771C424363DEAFA34BABF6223

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
6144:CLUF+9jZb3CWx6stEPFMmxMtx9sJ6dtp5HmqlnJuORja/yqAHs:CgF+JZb3Rxn95+qVv9a/9AHs

Entry point:
48, 89, 5C, 24, 08, 57, 48, 83, EC, 30, 48, 8B, DA, 48, 8B, F9, 48, 8D, 15, 01, 12, 00, 00, 48, 8D, 4C, 24, 20, FF, 15, E6, 08, 00, 00, 44, 0F, B7, 1B, B9, 01, 00, 00, 00, 66, 41, 83, C3, 02, 41, B8, 54, 42, 75, 73, 66, 44, 89, 1D, FC, DF, 03, 00, 0F, B7, 03, 41, 0F, B7, D3, 66, 89, 05, EC, DF, 03, 00, FF, 15, 56, 0B, 00, 00, 48, 89, 05, E7, DF, 03, 00, 48, 85, C0, 75, 10, B8, 9A, 00, 00, C0, 48, 8B, 5C, 24, 40, 48, 83, C4, 30, 5F, C3, 48, 8D, 0D, C3, DF, 03, 00, 48, 8B, D3, FF, 15, AA, 08, 00, 00, 48, 8D...
 
[+]

Entropy:
7.8303  (probably packed)

Driver
Display name:
2TBus driver

Service name:
2TBus

Type:
Kernel device driver (KernelDriver)


Scan 2TBus.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.