» pcd.sys
Overview
Analysis
File Details
Behaviors (1)

pcd.sys

PacketiX VPN Server Version 2.0

SoftEther Corporation

It runs as a Windows kernel mode device driver named “PacketiX Kernel-Mode Driver”.

File name:

pcd.sys

Publisher:

SoftEther Corporation (signed and verified)

Product:

PacketiX VPN Server Version 2.0

Description:

PacketiX VPN Server Low-Level Packet Capture and Write Driver Version 2.0

Version:

2, 2, 0, 5302

MD5:

3c1e4f33e98a67cfeb96e442c37fa62b

SHA-1:

c56f90f8f3e17a35a32b248b3660810997c283da

SHA-256:

ae15c9babd0f9c63d981230ddf62340e08ad6668257944f47f92d0169dcb9804

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/15/2024 11:41:33 PM UTC (a few moments ago)

File size:

42.2 KB (43,200 bytes)

Product version:

2, 2, 0, 5302

Trademarks:

PacketiX is a registered trademark of SoftEther Corporation.

Original file name:

pcd.sys

File type:

Driver (Win32 SYS)

Common path:

C:\Windows\System32\drivers\pcd.sys

Digital Signature

Signed by:

SoftEther Corporation

Authority:

VeriSign, Inc.

Valid from:

7/18/2006 8:00:00 AM

Valid to:

7/19/2007 7:59:59 AM

Subject:

CN=SoftEther Corporation, OU=R&D, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SoftEther Corporation, L=Tsukuba-shi, S=Ibaraki-ken, C=JP

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

3283C2FDBDA85C9B1381EA16A203668F

File PE Metadata

Compilation timestamp:

3/31/2007 2:11:47 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

8.0

CTPH (ssdeep):

768:OFTAWyiTmmaUjw/BezwRhjo4gkUSlJvOITRdCdGPcdZSeTL3emvibQO:m8WyiTmmaV/MzwL84gkUSl5duSeTRSQO

Entry address:

0x3F40

Entry point:

55, 8B, EC, 83, E4, F8, 81, EC, 8C, 00, 00, 00, 8B, 45, 0C, 53, 56, 57, 33, DB, 50, 89, 5C, 24, 14, 66, C7, 44, 24, 1C, 18, 00, 66, C7, 44, 24, 1E, 1A, 00, BE, 14, 77, 01, 00, E8, 1F, EF, FF, FF, FF, 15, 34, 73, 01, 00, 6A, 6C, 0F, BE, C8, 8D, 54, 24, 2C, 53, 52, 89, 0D, 3C, 79, 01, 00, E8, D9, 32, 00, 00, 8B, 44, 24, 24, 83, C4, 0C, 6A, 6C, 8D, 4C, 24, 2C, 51, 8D, 54, 24, 1C, 89, 44, 24, 60, 52, 8D, 44, 24, 1C, 50, C6, 44, 24, 38, 05, 88, 5C, 24, 39, 89, 5C, 24, 3C, C7, 44, 24, 40, F0, 26, 01, 00, C7, 44... 
[+]

Entropy:

6.6282

Developed / compiled with:

Microsoft Visual C++

Code size:

29.9 KB (30,592 bytes)

Driver

Display name:

PacketiX Kernel-Mode Driver

Service name:

PCD

Type:

Kernel device driver (KernelDriver)

Scan pcd.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.