home

dcsnap.sys

Farstone Technology Inc

Publisher:
Farstone Technology Inc  (signed and verified)

MD5:
a2d1a5d8c71449948907271adab88fcc

SHA-1:
c238b26f2b26b4612bced1a836ad55ebfd4758fe

SHA-256:
52303a9cbe53250ed3b214acb6da5068cf2b8aace5c17459e3bd228d6f0e82eb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 12:52:03 AM UTC  (today)

File size:
84 KB (85,976 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\files\cbp\console\cbp\drivers\dcsnap.sys

Digital Signature
Signed by:
Farstone Technology Inc

Authority:
VeriSign, Inc.

Valid from:
9/2/2008 1:00:00 AM

Valid to:
9/3/2009 12:59:59 AM

Subject:
CN=Farstone Technology Inc, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Farstone Technology Inc, L=Irvine, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0CBC293F8E24848F085261525258CAEF

File PE Metadata
Compilation timestamp:
6/24/2009 2:06:04 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
5.12

CTPH (ssdeep):
1536:Vns9UEoKXspMx71pz/aHHVp/Tgm4AGFQUOpdOK/RJFLn0XoXbj8II/9:Vns9emspQnraHHr34pWTdOK/bFLnFbjE

Entry address:
0x646

Entry point:
55, 8B, EC, 51, 51, 53, 8B, 5D, 08, 56, 57, 6A, 1B, 8D, 7B, 38, 59, B8, C6, 1A, 01, 00, F3, AB, 8B, 43, 18, 83, CF, FF, 57, 57, 6A, F7, 68, 80, 02, 01, 00, 68, 9C, 02, 01, 00, C7, 40, 04, 80, 19, 01, 00, FF, 75, 0C, C7, 43, 34, A4, 1A, 01, 00, E8, 3A, 1D, 00, 00, 33, F6, A3, 3C, FE, 01, 00, 3B, C6, 76, 14, 83, F8, 64, 73, 0F, 50, 68, B4, 02, 01, 00, 56, E8, 66, EE, 00, 00, 83, C4, 0C, 57, 57, 56, 68, D4, 02, 01, 00, 68, E8, 02, 01, 00, FF, 75, 0C, E8, 06, 1D, 00, 00, 3B, C6, A3, 38, FE, 01, 00, 74, 17, 50...
 
[+]

Entropy:
6.3961

Developed / compiled with:
Microsoft Visual C++

Code size:
62.7 KB (64,160 bytes)

Scan dcsnap.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.