home

dcppvist.sys

DriveCrypt Plus Pack

SecurStar GmbH

It runs as a Windows 64-bit kernel mode device driver named “DCPPVist”.
Publisher:
SecurStar GmbH  (signed and verified)

Product:
DriveCrypt Plus Pack

Description:
DriveCrypt Plus Pack Kernel Driver

Version:
1, 0, 0, 1

MD5:
0eb701cf682b01fd86d621ef93c1f655

SHA-1:
13b9c711e2d3fd44ba65b4833dc9729ccc423559

SHA-256:
7e894e98a428ef9743d368272cb21ea41dcda0b00a8f5c0e41ee49e7c839e6ab

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 6:58:49 AM UTC  (today)

File size:
171.9 KB (176,016 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright © 2002 SecurStar GmbH

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\dcppvist.sys

Digital Signature
Signed by:
SecurStar GmbH

Authority:
GlobalSign nv-sa

Valid from:
2/19/2010 9:37:28 AM

Valid to:
2/19/2013 8:37:23 AM

Subject:
CN=SecurStar GmbH, O=SecurStar GmbH, L=Munich, S=Germany, C=DE

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
01000000000126E62191BA

File PE Metadata
Compilation timestamp:
11/15/2011 10:08:19 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
3072:AsNgLWfkOczjeRMFIUbPtjX8FFAW+gCqbXu1DFLYyZJ1Ws5A+n++dL7G7UhF1cjC:+CfcWReGFdRXuJFLYyZJ1Ws5Xn9gOmC

Entry address:
0x31000

Entry point:
40, 53, 55, 57, 41, 54, 48, 81, EC, 18, 01, 00, 00, 48, 8B, FA, 48, 8B, D9, 48, 89, 0D, 1E, CA, FF, FF, 48, 8D, 15, 9F, B5, FF, FF, 48, 8D, 0D, D0, C1, FF, FF, 33, ED, 45, 33, C9, 45, 33, C0, 48, 89, AC, 24, 48, 01, 00, 00, FF, 15, 5A, 01, FD, FF, 48, 89, 2D, FB, 90, FF, FF, 48, 89, 2D, FC, 90, FF, FF, 48, 89, 2D, FD, 90, FF, FF, 48, 89, 2D, FE, 90, FF, FF, 48, 89, 2D, FF, 90, FF, FF, 48, 89, 2D, 00, 91, FF, FF, 48, 89, 2D, 01, 91, FF, FF, 48, 89, 2D, 02, 91, FF, FF, 48, 8B, 43, 30, 48, 8D, 0D, DF, 40, FD...
 
[+]

Code size:
152.5 KB (156,160 bytes)

Driver
Display name:
DCPPVist

Type:
Kernel device driver (KernelDriver)

Group:
PnP Filter


Scan dcppvist.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.