AnyDPCDrv.sys

UNETSystem AnyClick DPC Driver

UNETsystem INC

It runs as a Windows kernel-mode device driver named “AnyDPCSvc”.

Publisher:
UNET  (signed by UNETsystem INC)

Product:
UNETSystem AnyClick DPC Driver

Description:
UNETSystem AnyClick DPC Service

Version:
2.1.0.3

MD5:
bedd5c0e2830603cb525300b70f3e43a

SHA-1:
34d5a968f4a4f895f6008d72aa342b373b8f1489

SHA-256:
2499e22d3ebdcb65bdc13b306ae15456403ec612726268ab3fce92ff3bc34b60

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
4/24/2024 5:50:06 PM UTC

Scan engine:
Comodo Security

Detection:
Backdoor.Win32.Poison.HAJ

Engine version:
20825

File size:
17.2 KB (17,616 bytes)

Product version:
2.1.0.3

Copyright:
Copyright (C) 2013 UNETsystem Co.Ltd.

Original file name:
AnyDPCDrv.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\anydpcdrv.sys

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/22/2013 9:00:00 AM

Valid to:
2/22/2016 8:59:59 AM

Subject:
CN=UNETsystem INC, OU=PKI Team, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=UNETsystem INC, L=Kangnam-Gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1ED325DFAD28FEB794CA1C5A982FE55A

File PE Metadata
Compilation timestamp:
1/27/2014 1:54:50 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
192:+F4iKWheNfgYB1jnx0gSBJiyoYWmnYe+PjP4rMJoz+v0yejjtlAur9ZCspE+TMQZ:+W/W+fg6jW5oxmnYPLxEyuUHeMx3DU

Entry address:
0x503E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 22, C0, FF, FF, CC, CC, 78, 50, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 08, 52, 00, 00, 00, 30, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, C0, 50, 00, 00, D2, 50, 00, 00, EA, 50, 00, 00, 02, 51, 00, 00, 0E, 51, 00, 00, 26, 51, 00, 00, 38, 51, 00, 00, 54, 51, 00, 00, 6E, 51, 00, 00, 84, 51, 00, 00, 9C, 51, 00, 00, AE, 51, 00, 00, B8, 51, 00, 00, C8, 51, 00, 00, DE, 51, 00, 00, EA, 51, 00, 00, F8, 51, 00, 00, 00, 00...
 

Entropy:
6.3528

Code size:
6 KB (6,144 bytes)

Driver
Display name:
AnyDPCSvc

Type:
Kernel device driver (KernelDriver)

