» ScpVBus.sys
Overview
Analysis
File Details
Behaviors (1)

ScpVBus.sys

Scp Virtual Bus Driver

Bruce James

It runs as a Windows 64-bit kernel mode device driver named “Scp Virtual Bus Driver”.

File name:

ScpVBus.sys

Publisher:

Scarlet.Crush Productions (signed by Bruce James)

Product:

Scp Virtual Bus Driver

Version:

0.8.0.100 built by: WinDDK

MD5:

2339e96dad50d51ec1b66ef9ca1d8ded

SHA-1:

3f852ed6a57426dc65d671ad4784ffe8b0e548ff

SHA-256:

8734265585dcaa18d0fecabb414ccff291f42bab5a5d3e66b352a0768ad604e4

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 11:09:58 PM UTC (a few moments ago)

File size:

38.3 KB (39,168 bytes)

Product version:

0.8.0.100

Original file name:

ScpVBus.sys

File type:

Driver (Win64 SYS)

Language:

English (United States)

Common path:

C:\Windows\System32\drivers\scpvbus.sys

Digital Signature

Signed by:

Bruce James

Authority:

GlobalSign nv-sa

Valid from:

8/20/2012 4:27:23 PM

Valid to:

8/21/2013 4:27:23 PM

Subject:

CN=Bruce James, C=GB

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121F611BAE8352E9201C65095879D7BDAB1

File PE Metadata

Compilation timestamp:

3/20/2013 4:10:28 PM

OS version:

6.1

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

768:Sz+6yz3JqnYCblcp6wOrBKC4cTPfZ2Vw2zeOBjEwXxyvJ3GB1b6GCnB2GR:SByY12kwOEER2lKSXCIB1PCn

Entry address:

0xB174

Entry point:

48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 76, FE, FF, FF, CC, CC, C0, B1, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F6, B6, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, C0, B3, 00, 00, 00, 00, 00, 00, D8, B3, 00, 00, 00, 00, 00, 00, E8, B3, 00, 00, 00, 00, 00, 00, FC, B3, 00, 00, 00, 00, 00, 00, 12, B4, 00, 00, 00, 00, 00, 00, 34, B4, 00, 00, 00, 00, 00, 00, 4A, B4, 00, 00... 
[+]

Entropy:

6.3624

Code size:

24 KB (24,576 bytes)

Driver

Display name:

Scp Virtual Bus Driver

Service name:

ScpVBus

Type:

Kernel device driver (KernelDriver)

Group:

Extended Base

Scan ScpVBus.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.