home

bcswap.sys

Jetico BestCrypt Security System for Windows NT/2000/XP

Jetico, Inc.

It runs as a Windows kernel mode device driver named “BCSWAP”.
Publisher:
Jetico, Inc.  (signed and verified)

Product:
Jetico(R) BestCrypt(TM) Security System for Windows NT/2000/XP(TM)

Description:
BCSwap Swap File Encrypting Driver

Version:
2.16 built by: WinDDK

MD5:
cf3c25125c10ca50d7db724f5094d3c1

SHA-1:
2a93b0d61e68f06165873ba989632a76ff9d414a

SHA-256:
ee82d9c84efcaa64654bdcc565f0a14498b1716f8a68668d6e266bb966c6b656

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 1:12:54 PM UTC  (today)

File size:
89.4 KB (91,496 bytes)

Product version:
2.16

Copyright:
Copyright (C) Jetico, Inc. 1993-2004

Original file name:
bcswap.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\bcswap.sys

Digital Signature
Signed by:
Jetico, Inc.

Authority:
GeoTrust Inc

Valid from:
9/5/2006 7:35:29 AM

Valid to:
9/5/2009 7:35:29 AM

Subject:
CN="Jetico, Inc.", OU=GeoTrust Code Signing, OU=Sales, O="Jetico, Inc.", L=Espoo, S=Finland, C=FI

Issuer:
CN=GeoTrust TrustCenter CodeSigning CA I, O=GeoTrust Inc, OU=GeoTrust TrustCenter CodeSigning CA, C=US

Serial number:
71DA000100208F6CD781F7422B04

File PE Metadata
Compilation timestamp:
1/16/2007 4:08:24 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
1536:BYPMBODlC5BpP55EJCSMqqU+NV2fbbbkLa0wm9QuO0k:ekBgoP55ZSMqqDLE0w5

Entry address:
0x13B05

Entry point:
8B, FF, 55, 8B, EC, A1, 0C, 28, 02, 00, 85, C0, B9, 40, BB, 00, 00, 74, 04, 3B, C1, 75, 23, 8B, 15, 24, 88, 01, 00, B8, 0C, 28, 02, 00, C1, E8, 08, 33, 02, 25, FF, FF, 00, 00, A3, 0C, 28, 02, 00, 75, 07, 8B, C1, A3, 0C, 28, 02, 00, F7, D0, A3, 08, 28, 02, 00, 5D, E9, BA, DF, FE, FF, A0, 3B, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, C2, 3F, 01, 00, 98, 87, 00, 00, 88, 3B, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 40, 40, 01, 00, 80, 87, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.7071

Code size:
34.1 KB (34,944 bytes)

Driver
Display name:
BCSWAP

Type:
Kernel device driver (KernelDriver)


Scan bcswap.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.