softgerber32.sys

Virtual USB MultiKey x86

Multikey

The file softgerber32.sys has been detected as malware by 8 anti-virus scanners. It runs as a Windows kernel mode device driver named “Virtual USB Softgerber32”.
Publisher:
Chingachguk & Denger2k (Elite & SP edition)  (signed by Multikey)

Product:
Virtual USB MultiKey x86

Version:
0.18.2.4 built by: WinDDK

MD5:
43da72fb31d915915d036edbbc8f4c8b

SHA-1:
95445ed815954eba1d32e9b733b657fcd4cb2d59

SHA-256:
dc8955c12019726999e46db2cd0e1d3ad1b8d4849053a877228514e9f7ea1f16

Scanner detections:
8 / 68

Status:
Malware

Analysis date:
5/10/2024 9:20:01 AM UTC  (today)

Scan engine | Detection | Engine version
AegisLab AV Signature | Troj.Dropper.W32.Agent | 2.1.4+
AVG | Win32/Blacked | 2017.0.2810
Baidu Antivirus | Trojan.Win32.VMProtect | 4.0.3.1639
Bkav FE | HW32.Packed | 1.3.0.6379
Clam AntiVirus | Win.Trojan.8183373 | 0.98/21511
ESET NOD32 | Win32/Packed.VMProtect.AAA (variant) | 10.11065
Microsoft Security Essentials | VirTool:Win32/Obfuscator.XZ | 1.11302
NANO AntiVirus | Trojan.Win32.Agent2.baqcpo | 0.30.0.64812

File size:
205 KB (209,928 bytes)

Product version:
0.18.2.4

Copyright:
Copyright (C) 2004-2009 by Chingachguk & Denger2k

Original file name:
MultiKey.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\softgerber32.sys

Digital Signature
Signed by:

Authority:
Multikey

Valid from:
4/20/2010 5:17:23 PM

Valid to:
1/1/2040 6:59:59 AM

Subject:
CN=Multikey

Issuer:
CN=Multikey

Serial number:
7A19072DF64273A141B5661F27ABE341

File PE Metadata
Compilation timestamp:
4/20/2010 4:42:27 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
3072:WyMsztacw33KVC/NOR/o++7UCmNzovW1W0nMyw4ZqX3sXGf4f3SVjNVYV:WyMsJAnsR//+7UCU1frrqX3sXBCVcV

Entry address:
0xD2E8

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 0E, FF, FF, FF, 44, D3, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B6, D7, 00, 00, 10, 06, 00, 00, 34, D3, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, D8, 00, 00, 00, 06, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, DA, D7, 00, 00, C4, D7, 00, 00, F0, D7, 00, 00, 00, 00, 00, 00, 42, D4, 00, 00, 5A, D4, 00, 00, 68, D4, 00, 00, 80, D4, 00, 00, 96, D4, 00, 00, B4, D4, 00, 00, CC, D4, 00, 00, E4, D4, 00, 00, F8, D4, 00, 00...
 
Entropy:
7.7604  (probably packed)

Code size:
200.5 KB (205,312 bytes)

Driver
Display name:
Virtual USB Softgerber32

Service name:
Softgerber32

Type:
Kernel device driver (KernelDriver)

Group:
Extended Base

