» dcppcl.sys
Overview
Analysis
File Details
Behaviors (1)

dcppcl.sys

SecurStar GmbH

It runs as a Windows kernel mode device driver named “DCPPCL”.

File name:

dcppcl.sys

Publisher:

SecurStar GmbH (signed and verified)

MD5:

dd443bb2a76572339f7bf25d4e5a585a

SHA-1:

608b43ed6c330477707a8e53a8f56276a2b69dff

SHA-256:

75ce11ae4217839f4ae487f01f90509d9e9946b724b93bde18a7a58a6178c973

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/19/2024 6:30:32 PM UTC (today)

File size:

80.6 KB (82,536 bytes)

File type:

Driver (Win32 SYS)

Common path:

C:\Program Files\drivecrypt plus pack\dcppcl.sys

Digital Signature

Signed by:

SecurStar GmbH

Authority:

GlobalSign nv-sa

Valid from:

2/19/2010 12:37:28 PM

Valid to:

2/19/2013 12:37:23 PM

Subject:

CN=SecurStar GmbH, O=SecurStar GmbH, L=Munich, S=Germany, C=DE

Issuer:

CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:

01000000000126E62191BA

File PE Metadata

Compilation timestamp:

10/19/2010 12:44:52 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

8.0

CTPH (ssdeep):

768:sF+m9Bqa+q2ylsYDX42XYyUIry+RhdGHV+135tNsxY5oi:sBBqhylsYDXbX/ry4dGHQVxsy5oi

Entry address:

0x3C00

Entry point:

55, 8B, EC, 83, EC, 08, 8B, 45, 08, C7, 40, 38, 80, 3F, 01, 00, 8B, 4D, 08, C7, 41, 40, 80, 3F, 01, 00, 8B, 55, 08, C7, 42, 44, 80, 3F, 01, 00, 8B, 45, 08, C7, 40, 48, 80, 3F, 01, 00, 8B, 4D, 08, C7, 41, 5C, 80, 3F, 01, 00, 8B, 55, 08, C7, 42, 70, 80, 3F, 01, 00, 8B, 45, 08, C7, 40, 74, 80, 3F, 01, 00, 8B, 4D, 08, C7, 41, 78, 80, 3F, 01, 00, 8B, 55, 08, C7, 82, 80, 00, 00, 00, 80, 3F, 01, 00, 8B, 45, 08, C7, 80, 90, 00, 00, 00, 80, 3F, 01, 00, 8B, 4D, 08, C7, 41, 34, 80, 5E, 01, 00, 6A, 01, 68, C0, F4, 01... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

32.3 KB (33,056 bytes)

Driver

Display name:

DCPPCL

Type:

Kernel device driver (KernelDriver)

Scan dcppcl.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.