vhlongminh32.sys

Virtual USB MultiKey x86

Multikey

The file vhlongminh32.sys has been detected as malware by 3 anti-virus scanners. It runs as a Windows kernel mode device driver named “Virtual USB vhlongminh32”.
Publisher:
Chingachguk & Denger2k (Elite & SP edition)  (signed by Multikey)

Product:
Virtual USB MultiKey x86

Version:
0.18.2.4 built by: WinDDK

MD5:
585b9da21254cf322ef687543d11a4fb

SHA-1:
f86a196db29b2851b9c2ee6d0c76c71a9d0123bf

SHA-256:
3f69dce72117fc817a55281c973aa31d7060a071f758f8db29d0053d33098453

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
4/16/2024 11:58:30 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AVG | Win32/Blacked | 2015.0.4568 |
| ESET NOD32 | Win32/DongleHack.MultiKey.B potentially unsafe application | 8.0.319.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.223.68.0 |

File size:
205 KB (209,928 bytes)

Product version:
0.18.2.4

Copyright:
Copyright (C) 2004-2009 by Chingachguk & Denger2k

Original file name:
MultiKey.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\vhlongminh32.sys

Digital Signature
Signed by:

Authority:
Multikey

Valid from:
4/20/2010 4:17:23 PM

Valid to:
1/1/2040 5:59:59 AM

Subject:
CN=Multikey

Issuer:
CN=Multikey

Serial number:
7A19072DF64273A141B5661F27ABE341

File PE Metadata
Compilation timestamp:
4/20/2010 3:42:27 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
3072:HyMsDtacw33KVC/NOR/o++7UCmNzovW1W0nMyw4ZqX3sXGf4f3SVjNVYV:HyMs5AnsR//+7UCU1frrqX3sXBCVcV

Entry address:
0xD2E8

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 0E, FF, FF, FF, 44, D3, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B6, D7, 00, 00, 10, 06, 00, 00, 34, D3, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, D8, 00, 00, 00, 06, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, DA, D7, 00, 00, C4, D7, 00, 00, F0, D7, 00, 00, 00, 00, 00, 00, 42, D4, 00, 00, 5A, D4, 00, 00, 68, D4, 00, 00, 80, D4, 00, 00, 96, D4, 00, 00, B4, D4, 00, 00, CC, D4, 00, 00, E4, D4, 00, 00, F8, D4, 00, 00...
 

Entropy:
7.7604  (probably packed)

Code size:
200.5 KB (205,312 bytes)

Driver
Display name:
Virtual USB vhlongminh32

Service name:
vhlongminh32

Type:
Kernel device driver (KernelDriver)

Group:
Extended Base

