home

dcppvist.sys

DriveCrypt Plus Pack

SecurStar GmbH

It runs as a Windows kernel mode device driver named “DCPPVist”.
Publisher:
SecurStar GmbH  (signed and verified)

Product:
DriveCrypt Plus Pack

Description:
DriveCrypt Plus Pack Kernel Driver

Version:
1, 0, 0, 1

MD5:
645d3738db3adead205007feb97b5dcc

SHA-1:
c7c0e01d64decc11e0a03d850822dd9192c89360

SHA-256:
56843b05c9e493af485762804bfd060c8dab7efd20b7b0a099bf39120d5f06a4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 1:34:52 PM UTC  (today)

File size:
108.9 KB (111,504 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright © 2002 SecurStar GmbH

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\dcppvist.sys

Digital Signature
Signed by:
SecurStar GmbH

Authority:
GlobalSign nv-sa

Valid from:
2/19/2010 5:37:28 AM

Valid to:
2/19/2013 5:37:23 AM

Subject:
CN=SecurStar GmbH, O=SecurStar GmbH, L=Munich, S=Germany, C=DE

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
01000000000126E62191BA

File PE Metadata
Compilation timestamp:
11/15/2011 6:08:07 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
3072:RlwaJA8knQjGiddTQJ0tg3gHgtTL4+B/s++doGK9FjqOeRKTa:Re8bzfTQJ0twgAtTL4+B/s9oVmRKTa

Entry address:
0x1F000

Entry point:
55, 8B, EC, 83, E4, F8, 83, EC, 44, 53, 56, 8B, 75, 08, 57, 33, DB, 53, 53, 68, 00, C6, 02, 00, 68, 20, D2, 02, 00, 89, 5C, 24, 1C, 89, 35, 58, DA, 02, 00, FF, 15, 50, 10, 01, 00, 89, 1D, 1C, AC, 02, 00, 89, 1D, 20, AC, 02, 00, 89, 1D, 24, AC, 02, 00, 89, 1D, 28, AC, 02, 00, 89, 1D, 2C, AC, 02, 00, 89, 1D, 30, AC, 02, 00, 89, 1D, 34, AC, 02, 00, 89, 1D, 38, AC, 02, 00, 8B, 46, 18, 6A, 01, C7, 40, 04, F0, 42, 01, 00, 68, 00, D2, 02, 00, 89, 1D, B4, AB, 02, 00, 89, 1D, 2C, D2, 02, 00, FF, 15, A8, 10, 01, 00...
 
[+]

Entropy:
6.6789

Developed / compiled with:
Microsoft Visual C++

Code size:
91.5 KB (93,696 bytes)

Driver
Display name:
DCPPVist

Type:
Kernel device driver (KernelDriver)

Group:
PnP Filter


Scan dcppvist.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.