home

vDiskBus.sys

System Virtual Disk

Hangzhou Shunwang Technology Co.,Ltd

It runs as a Windows 64-bit kernel mode device driver named “vDiskBus”.
Publisher:
Sunward Information Technology Co.Ltd  (signed by Hangzhou Shunwang Technology Co.,Ltd)

Product:
System Virtual Disk

Description:
vDiskBus.sys

Version:
2015.9.14.1

MD5:
261fc9f7190119a11648a0887810bb35

SHA-1:
b2b1e5a4856f482d46392bd535e5df93bc289947

SHA-256:
a9b66e7c9eea82b856cc848f24f020505f6a969c5863321be954ebf5a1b854cb

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
5/2/2024 11:12:35 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Clam AntiVirus
Win.Trojan.MSShellcode-5
0.98/22693

File size:
855 KB (875,560 bytes)

Product version:
9, 0, 1, 0

Copyright:
Sunward Information Technology Co.Ltd

Original file name:
vDiskBus.sys

File type:
Driver (Win64 SYS)

Common path:
C:\Windows\System32\drivers\vdiskbus.sys

Digital Signature
Signed by:
Hangzhou Shunwang Technology Co.,Ltd

Authority:
GlobalSign nv-sa

Subject:
CN="Hangzhou Shunwang Technology Co.,Ltd", OU="Hangzhou Shunwang Technology Co.,Ltd", O="Hangzhou Shunwang Technology Co.,Ltd", L=Hangzhou, S=Zhejiang, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121E8B4F5723BB9271CA1A914C927D7080E

File PE Metadata
Compilation timestamp:
12/24/2015 1:19:52 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

Entry address:
0xDC064

Entry point:
48, 83, EC, 28, 4C, 8B, C2, 4C, 8B, C9, E8, 95, FF, FF, FF, 49, 8B, D0, 49, 8B, C9, 48, 83, C4, 28, E9, 1E, C3, F2, FF, CC, CC, B0, C1, 0D, 00, 00, 00, 00, 00, 00, 00, 00, 00, 72, CC, 0D, 00, C8, D0, 0C, 00, 98, C1, 0D, 00, 00, 00, 00, 00, 00, 00, 00, 00, B6, CC, 0D, 00, B0, D0, 0C, 00, 00, C1, 0D, 00, 00, 00, 00, 00, 00, 00, 00, 00, 4C, CE, 0D, 00, 18, D0, 0C, 00, E8, C0, 0D, 00, 00, 00, 00, 00, 00, 00, 00, 00, DA, D2, 0D, 00, 00, D0, 0C, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.0587

Code size:
818 KB (837,632 bytes)

Driver
Display name:
vDiskBus

Type:
Kernel device driver (KernelDriver)


Scan vDiskBus.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.