» ScpVBus.sys
Overview
Analysis
File Details
Behaviors (1)

ScpVBus.sys

Scp Virtual Bus Driver

Bruce James

It runs as a Windows 64-bit kernel mode device driver named “Scp Virtual Bus Driver”.

File name:

ScpVBus.sys

Publisher:

Scarlet.Crush Productions (signed by Bruce James)

Product:

Scp Virtual Bus Driver

Version:

0.7.0.96 built by: WinDDK

MD5:

7b151f338ebb8e486be23ff48b1906b9

SHA-1:

af089a0921b3eaa1b60c09a585ba46c54eee5901

SHA-256:

1b3934918f68356024cf8acfdd18f522de18f56fd2535be627ce840d2da05dd6

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/19/2024 11:54:41 PM UTC (a few moments ago)

File size:

38.3 KB (39,168 bytes)

Product version:

0.7.0.96

Original file name:

ScpVBus.sys

File type:

Driver (Win64 SYS)

Language:

English (United States)

Common path:

C:\Windows\System32\drivers\scpvbus.sys

Digital Signature

Signed by:

Bruce James

Authority:

GlobalSign nv-sa

Valid from:

8/20/2012 7:57:23 PM

Valid to:

8/21/2013 7:57:23 PM

Subject:

CN=Bruce James, C=GB

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121F611BAE8352E9201C65095879D7BDAB1

File PE Metadata

Compilation timestamp:

1/29/2013 2:54:57 AM

OS version:

6.1

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

768:q975PYCblc46wOHSgG4cTKtZstMaO2MBeBjXA+ni8yRI6+CMy2Ge7:c5N2FwOXbZ5cpXLyRICMh

Entry address:

0xB174

Entry point:

48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 76, FE, FF, FF, CC, CC, C0, B1, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, D4, B6, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B8, B3, 00, 00, 00, 00, 00, 00, D0, B3, 00, 00, 00, 00, 00, 00, E0, B3, 00, 00, 00, 00, 00, 00, F4, B3, 00, 00, 00, 00, 00, 00, 0A, B4, 00, 00, 00, 00, 00, 00, 2C, B4, 00, 00, 00, 00, 00, 00, 42, B4, 00, 00... 
[+]

Entropy:

6.3571

Code size:

24 KB (24,576 bytes)

Driver

Display name:

Scp Virtual Bus Driver

Service name:

ScpVBus

Type:

Kernel device driver (KernelDriver)

Group:

Extended Base

Scan ScpVBus.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.