» vrtaucbl.sys
Overview
Analysis
File Details
Behaviors (1)

vrtaucbl.sys

Virtual Audio Cable

Muzychenko Evgenii Viktorovich

It runs as a Windows kernel mode device driver named “@oem7.inf,%DeviceName% (WDM);Virtual Audio Cable (WDM)”.

File name:

vrtaucbl.sys

Publisher:

Eugene V. Muzychenko (signed by Muzychenko Evgenii Viktorovich)

Product:

Virtual Audio Cable

Description:

Kernel-mode WDM driver

Version:

4.15.0.7483

MD5:

4ba7df6bd567a0e47bfcb30edc30582c

SHA-1:

13153294cce9ac3fb9882ac7d7eb33fccd574d82

SHA-256:

d11ca9ae755e187015859883d588912db195657a1abc80eb6a0422b8487e5c40

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/19/2024 11:51:37 AM UTC (today)

File size:

89 KB (91,168 bytes)

Product version:

4.15.0.7314 (full)

Original file name:

vrtaucbl.sys

File type:

Driver (Win32 SYS)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\x86\vrtaucbl.sys

Digital Signature

Signed by:

Muzychenko Evgenii Viktorovich

Authority:

GlobalSign nv-sa

Valid from:

5/17/2013 2:32:18 PM

Valid to:

5/17/2016 2:32:18 PM

Subject:

CN=Muzychenko Evgenii Viktorovich, C=RU

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11216AB7186B1912D9356038C613BC28924A

File PE Metadata

Compilation timestamp:

12/30/2015 4:28:10 PM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

1536:Bbi57reesz58T0/HkbD3ffIlUVr/PPflETt1t:9i57CeoWAHkHIl0r/PPflot

Entry address:

0x12E10

Entry point:

8B, FF, 55, 8B, EC, 56, 57, E8, 14, CF, FF, FF, 84, C0, 75, 12, BE, 01, 00, 00, C0, E8, F6, 27, FF, FF, 5F, 8B, C6, 5E, 5D, C2, 08, 00, E8, E9, CF, FF, FF, 8B, 7D, 0C, 0F, B7, 0F, 8B, 47, 04, 50, D1, E9, 51, 68, 08, 16, 02, 00, 68, 04, 01, 00, 00, 68, B8, 2A, 02, 00, E8, A8, C5, FF, FF, 33, D2, 83, C4, 14, 52, 52, C7, 05, B0, 2A, 02, 00, 00, 00, 00, 00, 66, 89, 15, AC, 2A, 02, 00, FF, 15, 28, 0A, 02, 00, 8B, C8, 83, C1, 05, B8, CD, CC, CC, CC, F7, E1, C1, EA, 03, 68, 00, C0, 00, 00, B9, DC, 2C, 02, 00, 89... 
[+]

Entropy:

6.4382

Code size:

67.9 KB (69,504 bytes)

Driver

Display name:

@oem7.inf,%DeviceName% (WDM);Virtual Audio Cable (WDM)

Service name:

EuMusDesignVirtualAudioCableWdm

Type:

Kernel device driver (KernelDriver)

Scan vrtaucbl.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.