home

Drivecrypt.exe

SecureStar DriveCrypt

SecurStar GmbH

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘DriveCrypt Startup’.
Publisher:
SecurStar GmbH  (signed and verified)

Product:
SecureStar DriveCrypt

Description:
DriveCrypt

Version:
3.03

MD5:
2dff336327dd4c514764b507bdc28e27

SHA-1:
5f9d81f2054de9eaf5319e439b911001601c644e

SHA-256:
e5c57471290f4c48da53030391b24b7cd704e2b1ab9128a9439f37923f43f141

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 3:58:39 PM UTC  (today)

File size:
1.3 MB (1,378,728 bytes)

Product version:
3.03

Copyright:
Copyright © 2001 SecureStar GmbH

Trademarks:
DriveCrypt is a copyrighted program

Original file name:
Drivecrypt.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\drivecrypt\drivecrypt.exe

Digital Signature
Signed by:
SecurStar GmbH

Authority:
GlobalSign nv-sa

Valid from:
4/13/2007 12:29:04 PM

Valid to:
4/13/2010 12:29:04 PM

Subject:
E=contact@securstar.com, CN=SecurStar GmbH, O=SecurStar GmbH, C=DE

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
01000000000111EA7D2E62

File PE Metadata
Compilation timestamp:
1/25/2008 12:21:03 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
83.82

CTPH (ssdeep):
24576:OvpSyQWMIxyunGcIFt7h60X5mjEzlV07A+DWlXuFxIJRJ0QmEJ:GpqWMIIu+hQ4G9X4J0Qt

Entry address:
0x18C000

Entry point:
60, E8, 00, 00, 00, 00, 5D, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB...
 
[+]

Packer / compiler:
ASPack v1.08.04

Code size:
320 KB (327,680 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DriveCrypt Startup

Command:
C:\Program Files\drivecrypt\drivecrypt.exe \ws


Scan Drivecrypt.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.