home

e15.sys

Virtual USB bus driver

NGO

It runs as a Windows 64-bit kernel mode device driver named “Virtual USB Bus Enumerator e15”.
Publisher:
Chingachguk & Denger2k  (signed by NGO)

Product:
Virtual USB bus driver

Version:
0.1 built by: WinDDK

MD5:
788c356c3b212ee44ae24f71db1e434a

SHA-1:
b59e37d65fcce624c35bcceac53d9a163f195c7b

SHA-256:
71db0d90df2de0b4091b322eb921c17e0ac1d116ee2bc6275f1ccd86073c1669

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 11:19:39 AM UTC  (today)

File size:
2.5 MB (2,654,720 bytes)

Product version:
0.1

Copyright:
Copyright (C)2004 By Chingachguk & Denger2k

Original file name:
vusbbus.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\e15.sys

Digital Signature
Signed by:
NGO

Authority:
NGO

Valid from:
3/24/2012 7:04:54 AM

Valid to:
12/31/2039 5:59:59 PM

Subject:
CN=NGO

Issuer:
CN=NGO

Serial number:
9957F212D8F955AF4DB9E277D57C0ACF

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
49152:NCm4VAe9Ynq8KL81zi+nO/BTA8SLH/lgId10sX0z8imahD4FkKCy9MMYInY05:NCFaoYnhpzi+nSA8eHSE10Y0z8imahDi

Entry point:
E9, 7E, E7, FF, FF, E8, 93, DC, FF, FF, E9, 45, 02, 28, 00, 71, 62, 52, 12, 5B, 32, B6, BB, 12, 3F, 12, B6, 9D, A1, 9B, 2C, 25, CC, 0D, B3, 80, 6A, B4, 0C, B7, A8, 6C, 1F, 75, 14, 15, B0, 64, 90, 02, 22, 4B, 8A, A2, B5, 71, C7, FA, CF, CE, D6, 65, 59, 60, EC, 74, 4E, 79, CA, CD, E6, D9, B2, E1, 03, E1, F1, A8, E0, 86, A7, 9C, 91, 47, 89, 33, 51, EE, 89, 8D, 05, E5, FA, E1, 15, A9, 3B, FA, CE, CE, 54, AA, 12, 40, 62, DA, 88, 54, 65, 65, FF, 6B, 6D, 48, 01, AF, 40, 4D, EF, 96, FD, 51, 4E, E1, F3, 0D, 21, 02...
 
[+]

Packer / compiler:
tElock 0.99 - 1.0 private

Driver
Display name:
Virtual USB Bus Enumerator e15

Service name:
vusbbus

Type:
Kernel device driver (KernelDriver)


Scan e15.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.