» zmu24audio.sys
Overview
Analysis
File Details
Behaviors (1)

zmu24audio.sys

U-24 Driver

Zoom Corporation

It runs as a Windows kernel mode device driver named “ZOOM U-24 Audio Service”.

File name:

zmu24audio.sys

Publisher:

ZOOM (signed by Zoom Corporation)

Product:

U-24 Driver

Version:

1.0.0.9

MD5:

a5aa163169bfc4dbc5cb5dd1d3cc8cae

SHA-1:

3b7a5341672b6a05e57cb2412823610fc114e9d0

SHA-256:

78302f93536abd9257f70bb597097b9ad6d031b709e051d00e076f21dd8d1772

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/5/2024 5:35:09 AM UTC (today)

File size:

150.5 KB (154,128 bytes)

Product version:

1.0.0.9

Original file name:

zmu24audio.sys

File type:

Driver (Win32 SYS)

Language:

English (United States)

Common path:

C:\Windows\System32\drivers\zmu24audio.sys

Digital Signature

Signed by:

Zoom Corporation

Authority:

Symantec Corporation

Valid from:

5/13/2015 2:00:00 AM

Valid to:

5/13/2016 1:59:59 AM

Subject:

CN=Zoom Corporation, OU=Engineering Division, O=Zoom Corporation, L=Chiyoda-ku, S=Tokyo, C=JP

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

675B3AC99D964F428EDACBB5E6C9E3D2

File PE Metadata

Compilation timestamp:

4/20/2016 8:12:06 AM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

3072:V/Qjh2+Uf95kSA7OJi1ocjfAjhRE8PcRCyUj4Mku9zSjwmzomCrIs0:qvq5qQ+oESc4+MkiwhaC

Entry address:

0x20BBE

Entry point:

8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 4C, A2, FE, FF, CC, CC, 58, 0C, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 6C, 13, 02, 00, 24, EA, 01, 00, 34, 0C, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, EE, 13, 02, 00, 00, EA, 01, 00, 90, 0D, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, A2, 14, 02, 00, 5C, EB, 01, 00, 48, 0C, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 10, 15, 02, 00, 14, EA, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 9C, 13, 02, 00, BE, 13, 02, 00, DA, 13... 
[+]

Entropy:

6.6621

Code size:

125.3 KB (128,256 bytes)

Driver

Display name:

ZOOM U-24 Audio Service

Service name:

ZMU24AUDIO

Type:

Kernel device driver (KernelDriver)

Scan zmu24audio.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.