home

machnm32.sys

Concept Software Inc.

It runs as a Windows kernel mode device driver named “Machnm32 Driver”.
Publisher:
Concept Software Inc.  (signed and verified)

MD5:
fe2410c14228149466b11eac3e8c200b

SHA-1:
d3a9bc09a6835641a102b45384613c029dc9816d

SHA-256:
f4ba8aa80e6b568d892c84c77d2af3d39adb88358b5999e4acd163d6eec6364a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 1:40:03 PM UTC  (today)

File size:
7.3 KB (7,432 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\machnm32.sys

Digital Signature
Signed by:
Concept Software Inc.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
11/16/2006 4:54:40 PM

Valid to:
11/15/2008 4:54:40 PM

Subject:
CN=Concept Software Inc., OU=Secure Application Development, O=Concept Software Inc., L=Winter Garden, S=Florida, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
4D91AA7FDB7A5FDBA11DED760629BDE2

File PE Metadata
Compilation timestamp:
8/13/2003 6:26:58 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.0

CTPH (ssdeep):
96:fGd8ZX300Ng/z6vuegOZzQMLy+xQ0O13Wxc25Qhlxpg9sgzdew5mog+MSN88RFI7:fGW6G1WO3L/xj4nxpg9sldolM4yRYy

Entry address:
0x506

Entry point:
55, 8B, EC, 83, EC, 14, 56, 8B, 35, 08, 06, 01, 00, 57, 68, B8, 04, 01, 00, 8D, 45, F4, 50, FF, D6, 8B, 7D, 08, 8D, 45, FC, 50, 6A, 00, 6A, 00, 6A, 22, 8D, 45, F4, 50, 6A, 00, 57, FF, 15, 28, 06, 01, 00, 85, C0, 75, 4A, 68, DC, 04, 01, 00, 8D, 45, EC, 50, FF, D6, 8D, 45, F4, 50, 8D, 45, EC, 50, FF, 15, 24, 06, 01, 00, 8B, F0, 85, F6, 74, 0D, FF, 75, FC, FF, 15, 0C, 06, 01, 00, 8B, C6, EB, 1E, C7, 47, 34, C4, 02, 01, 00, C7, 47, 38, 80, 02, 01, 00, C7, 47, 40, 80, 02, 01, 00, C7, 47, 70, 41, 04, 01, 00, 33...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1.3 KB (1,280 bytes)

Driver
Display name:
Machnm32 Driver

Service name:
Machnm32

Type:
Kernel device driver (KernelDriver)


The file machnm32.sys has been discovered within the following program.

Expert Estimation 2014  by Pronamics
www.pronamics.com
About 8% of users remove it
 
Powered by Should I Remove It?

Scan machnm32.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.