home

dcppvist.sys

DriveCrypt Plus Pack

SecurStar GmbH

It runs as a Windows kernel mode device driver named “DCPPVist”.
Publisher:
SecurStar GmbH  (signed and verified)

Product:
DriveCrypt Plus Pack

Description:
DriveCrypt Plus Pack Kernel Driver

Version:
1, 0, 0, 1

MD5:
df9844702c56f90c08e62dc4392e5a72

SHA-1:
8d9aaf43f6880ae54fdefe94e5abdb8fd2c9d7fe

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 1:43:21 AM UTC  (today)

File size:
108.9 KB (111,504 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright © 2002 SecurStar GmbH

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\dcppvist.sys

Digital Signature
Signed by:
SecurStar GmbH

Authority:
GlobalSign nv-sa

Valid from:
2/19/2010 6:37:28 AM

Valid to:
2/19/2013 6:37:23 AM

Subject:
CN=SecurStar GmbH, O=SecurStar GmbH, L=Munich, S=Germany, C=DE

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
01000000000126E62191BA

File PE Metadata
Compilation timestamp:
7/4/2011 10:02:34 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
3072:RX0aJA8knQjGiddTQJ0tg3gHgtTL4+B/2++doGK9FjqOeRkc:Ro8bzfTQJ0twgAtTL4+B/29oVmRkc

Entry address:
0x1F000

Entry point:
55, 8B, EC, 83, E4, F8, 83, EC, 44, 53, 56, 8B, 75, 08, 57, 33, DB, 53, 53, 68, 00, C6, 02, 00, 68, 20, D2, 02, 00, 89, 5C, 24, 1C, 89, 35, 58, DA, 02, 00, FF, 15, 50, 10, 01, 00, 89, 1D, 1C, AC, 02, 00, 89, 1D, 20, AC, 02, 00, 89, 1D, 24, AC, 02, 00, 89, 1D, 28, AC, 02, 00, 89, 1D, 2C, AC, 02, 00, 89, 1D, 30, AC, 02, 00, 89, 1D, 34, AC, 02, 00, 89, 1D, 38, AC, 02, 00, 8B, 46, 18, 6A, 01, C7, 40, 04, F0, 42, 01, 00, 68, 00, D2, 02, 00, 89, 1D, B4, AB, 02, 00, 89, 1D, 2C, D2, 02, 00, FF, 15, A8, 10, 01, 00...
 
[+]

Entropy:
6.6783

Developed / compiled with:
Microsoft Visual C++

Code size:
91.5 KB (93,696 bytes)

Driver
Display name:
DCPPVist

Type:
Kernel device driver (KernelDriver)

Group:
PnP Filter


Scan dcppvist.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.