home

bcswap.sys

Jetico BestCrypt Security System for Windows NT/2000/XP

Jetico, Inc.

It runs as a Windows kernel mode device driver named “BCSWAP”.
Publisher:
Jetico, Inc.  (signed and verified)

Product:
Jetico(R) BestCrypt(TM) Security System for Windows NT/2000/XP(TM)

Description:
BCSwap Swap File Encrypting Driver

Version:
2.16 built by: WinDDK

MD5:
d7317194a583646b486a7a13c9e32430

SHA-1:
cb3a16482c697a1506c95c01165fcd9d6cc8ea75

SHA-256:
ee2f609bb0a5a78e462767e18887ef2f3e6843cf2d54bb3d40fa4bc1e9da20dd

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 8:49:41 PM UTC  (today)

File size:
89.4 KB (91,496 bytes)

Product version:
2.16

Copyright:
Copyright (C) Jetico, Inc. 1993-2004

Original file name:
bcswap.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\bcswap.sys

Digital Signature
Signed by:
Jetico, Inc.

Authority:
GeoTrust Inc

Valid from:
9/5/2006 7:35:29 AM

Valid to:
9/5/2009 7:35:29 AM

Subject:
CN="Jetico, Inc.", OU=GeoTrust Code Signing, OU=Sales, O="Jetico, Inc.", L=Espoo, S=Finland, C=FI

Issuer:
CN=GeoTrust TrustCenter CodeSigning CA I, O=GeoTrust Inc, OU=GeoTrust TrustCenter CodeSigning CA, C=US

Serial number:
71DA000100208F6CD781F7422B04

File PE Metadata
Compilation timestamp:
7/17/2008 6:30:47 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
1536:d1IMBODlCOgP5Q6UCSMqqU+NV2fbbbkLaml9wLQuO:rfBgKP5QaSMqqDLEml

Entry address:
0x13C05

Entry point:
8B, FF, 55, 8B, EC, A1, 0C, 29, 02, 00, 85, C0, B9, 40, BB, 00, 00, 74, 04, 3B, C1, 75, 23, 8B, 15, 24, 89, 01, 00, B8, 0C, 29, 02, 00, C1, E8, 08, 33, 02, 25, FF, FF, 00, 00, A3, 0C, 29, 02, 00, 75, 07, 8B, C1, A3, 0C, 29, 02, 00, F7, D0, A3, 08, 29, 02, 00, 5D, E9, 8A, DF, FE, FF, A0, 3C, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, C2, 40, 01, 00, 98, 88, 00, 00, 88, 3C, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 40, 41, 01, 00, 80, 88, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.7061

Code size:
34.4 KB (35,200 bytes)

Driver
Display name:
BCSWAP

Type:
Kernel device driver (KernelDriver)


Scan bcswap.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.