home

bcfmgr.exe

BestCrypt Volume Encryption

Jetico Inc. Oy

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘BestCrypt Volume Encryption’.
Publisher:
Jetico Inc. Oy  (signed and verified)

Product:
BestCrypt Volume Encryption

Description:
BestCrypt Volume Encryption Manager

Version:
3.71.06

MD5:
6fe683ffd074fef1de13fbda7d010e94

SHA-1:
bbb432afb76f9b674a4d0a2a2a50d99a0348c585

SHA-256:
00fc4f77453771f542e523a71c2d88727da8f8af75475db4d7aea11acce7598a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/30/2024 11:37:24 AM UTC  (today)

File size:
2.6 MB (2,755,504 bytes)

Product version:
3.71.06

Copyright:
Copyright (C) 2005 - 2016

Trademarks:
BestCrypt is a trademark of Jetico Inc. Oy

Original file name:
bcfmgr.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\jetico\bestcrypt\bc_ve\bcfmgr.exe

Digital Signature
Signed by:
Jetico Inc. Oy

Authority:
Jetico Inc. Oy

Valid from:
9/15/2016 2:25:25 PM

Valid to:
12/31/2039 5:59:59 PM

Subject:
CN=Jetico Inc. Oy, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Jetico Inc. Oy, L=Espoo, S=Uusimaa, C=FI

Issuer:
CN=Jetico Inc. Oy, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Jetico Inc. Oy, L=Espoo, S=Uusimaa, C=FI

Serial number:
4DFA0AF9A1055EAC42C2925565B5C1EC

File PE Metadata
Compilation timestamp:
6/16/2016 12:06:54 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:I8FsQGbHctfgwUNaYZOAs5gpa/yoCHRIQOQcOU84MlHyMMYguHZ:vyQYkfmNaYZOVgpahVacOb4MlHyMMYgU

Entry address:
0x135761

Entry point:
E8, 95, BD, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 53, 33, DB, 39, 5D, 0C, 75, 1D, E8, 74, 66, 00, 00, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, 61, 4A, 00, 00, 83, C4, 14, 83, C8, FF, EB, 69, 8B, 45, 08, 3B, C3, 74, DC, 56, FF, 75, 14, 89, 45, E8, FF, 75, 10, 89, 45, E0, FF, 75, 0C, 8D, 45, E0, 50, C7, 45, EC, 42, 00, 00, 00, C7, 45, E4, FF, FF, FF, 7F, E8, 81, BF, 00, 00, 83, C4, 10, FF, 4D, E4, 8B, F0, 78, 0A, 8B, 45, E0, 88, 18, FF, 45, E0, EB, 0C, 8D, 45, E0, 50, 53, E8, AD...
 
[+]

Entropy:
6.3137

Code size:
1.4 MB (1,436,672 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
BestCrypt Volume Encryption

Command:
"C:\Program Files\jetico\bestcrypt\bc_ve\bcfmgr.exe" mountatlogon


Scan bcfmgr.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.