home

YCHvDisk.sys

ECHANCE STRONGBOX

Beijing eChance Hi-Tech Software Co.,Ltd.

It runs as a Windows kernel mode device driver named “eChance VirtualDisk Driver”.
Publisher:
ECHANCE  (signed by Beijing eChance Hi-Tech Software Co.,Ltd.)

Product:
ECHANCE STRONGBOX

Version:
1.1 built by: WinDDK

MD5:
b860b2ab7929f14397affc8e2f08c6e5

SHA-1:
e6152d0c4d5297777b6dfb94f92b0a2108bd85b1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 11:26:09 PM UTC  (a few moments ago)

File size:
191.6 KB (196,216 bytes)

Product version:
1.1

Copyright:
Copyright (C) ECHANCE CORPORATION 2005-

Original file name:
YCHvDisk.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\ychvdisk.sys

Digital Signature
Signed by:
Beijing eChance Hi-Tech Software Co.,Ltd.

Authority:
VeriSign, Inc.

Valid from:
3/29/2010 8:00:00 AM

Valid to:
3/30/2011 7:59:59 AM

Subject:
CN="Beijing eChance Hi-Tech Software Co.,Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Beijing eChance Hi-Tech Software Co.,Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
58AC5CA3D6AF017811CF7F2BBF00A4EE

File PE Metadata
Compilation timestamp:
3/19/2010 10:51:31 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.0

CTPH (ssdeep):
3072:7yEec8OaIrTpJFHfB1ZN5NklPPQ3MEUl848MqqDL2/Am9f3bSudNFe:sLO9rX1B1ZN5NkBPTqqDL6Am9m0Fe

Entry address:
0x2C87A

Entry point:
B8, 36, 25, 01, 00, 56, 8B, 74, 24, 08, 6A, 01, 68, 60, B5, 03, 00, 89, 46, 38, 89, 46, 40, 89, 86, 80, 00, 00, 00, 89, 46, 5C, 89, 46, 78, 89, 86, A4, 00, 00, 00, 89, 46, 44, 89, 46, 48, 89, 46, 70, C7, 46, 34, 10, 25, 01, 00, FF, 15, 30, 13, 03, 00, 33, C0, 50, 50, 50, 68, 44, B5, 03, 00, E8, 0E, 96, FD, FF, 56, E8, 00, FF, FF, FF, 5E, C2, 08, 00, CC, CC, FC, C8, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, D4, CE, 02, 00, 80, 12, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.4429

Code size:
133.9 KB (137,088 bytes)

Driver
Display name:
eChance VirtualDisk Driver

Service name:
YCHvDisk

Type:
Kernel device driver (KernelDriver)


Scan YCHvDisk.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.