home

KeyMultt.sys

Virtual USB KeyMultt x86

Multikey

It runs as a Windows kernel mode device driver named “Virtual USB KeyMultt”.
Publisher:
Chingachguk & Denger2k (Elite & SP edition)  (signed by Multikey)

Product:
Virtual USB KeyMultt x86

Version:
0.18.2.4 built by: WinDDK

MD5:
c792d11aec5143f96fde252ba315ae4c

SHA-1:
6fd4b62de746e2c927e081dcdbff169b5b2a176c

SHA-256:
b1d576bbc466dbd47d98907e8059a4b5c94be6a47d9af629129d77fd59344738

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/25/2024 10:14:32 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Packed.VMProtect.AAA (variant)
10.8416

Microsoft Security Essentials
VirTool:Win32/Obfuscator.XZ
1.163.1557.0

NANO AntiVirus
Trojan.Win32.Agent2.baqcpo
0.24.0.52697

Panda Antivirus
Trj/Thed.W
16.04.05.03

File size:
205 KB (209,928 bytes)

Product version:
0.18.2.4

Copyright:
Copyright (C) 2004-2009 by Chingachguk & Denger2k

Original file name:
KeyMultt.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\keymultt.sys

Digital Signature
Signed by:
Multikey

Authority:
Multikey

Valid from:
4/20/2010 5:17:23 AM

Valid to:
12/31/2039 6:59:59 PM

Subject:
CN=Multikey

Issuer:
CN=Multikey

Serial number:
7A19072DF64273A141B5661F27ABE341

File PE Metadata
Compilation timestamp:
4/20/2010 4:42:27 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
3072:HyMsDtacw33KGi/NOR/o++7UCmNzovW1W0nMyw4ZqX3sXGf4f3SVjNVYV:HyMs5AnJR//+7UCU1frrqX3sXBCVcV

Entry address:
0xD2E8

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 0E, FF, FF, FF, 44, D3, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B6, D7, 00, 00, 10, 06, 00, 00, 34, D3, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, D8, 00, 00, 00, 06, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, DA, D7, 00, 00, C4, D7, 00, 00, F0, D7, 00, 00, 00, 00, 00, 00, 42, D4, 00, 00, 5A, D4, 00, 00, 68, D4, 00, 00, 80, D4, 00, 00, 96, D4, 00, 00, B4, D4, 00, 00, CC, D4, 00, 00, E4, D4, 00, 00, F8, D4, 00, 00...
 
[+]

Code size:
198.5 KB (203,264 bytes)

Driver
Display name:
Virtual USB KeyMultt

Service name:
keymultt

Type:
Kernel device driver (KernelDriver)

Group:
Extended Base


Scan KeyMultt.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.