znet_hasp86.sys

Virtual USB bus driver

ZemberekNet

The file znet_hasp86.sys by ZemberekNet has been detected as a potentially unwanted program by 7 anti-malware scanners.
Publisher:
Chingachguk & Denger2k (HL mod + )  (signed by ZemberekNet)

Product:
Virtual USB bus driver

Version:
0.15.1.4 built by: WinDDK

MD5:
19eb28f793357e3178fc2a1d8779b9b8

SHA-1:
c64845dd27f05b5e6424750bbdfda268680de9f1

SHA-256:
3f895483198ac0dc0775093d031d7721b2b920dbc3558c13b6bea566531eb75f

Scanner detections:
7 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 10:07:32 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | Riskware.MultiKey | 7.1.1 |
| Baidu Antivirus | Hacktool.Win32.MultiKey | 4.0.3.16228 |
| ESET NOD32 | Win32/DongleHack.MultiKey.A potentially unsafe (variant) | 10.11401 |
| Fortinet FortiGate | Riskware/DongleHack_MultiKey | 2/28/2016 |
| McAfee | Artemis!19EB28F79335 | 5600.6475 |
| Norman | Suspicious_Gen4.GZVSV | 11.20160228 |
| VIPRE Antivirus | Trojan.Win32.Generic | 38916 |

File size:
17.9 KB (18,336 bytes)

Product version:
0.15.1.4

Copyright:
Copyright (C)2004-2008 By Chingachguk & Denger2k +

Original file name:
vusbbus.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\znet_hasp86.sys

Digital Signature
Signed by:

Authority:
ZemberekNet

Valid from:
11/16/2009 11:25:25 PM

Valid to:
1/1/2040 12:59:59 AM

Subject:
CN=ZemberekNet

Issuer:
CN=ZemberekNet

Serial number:
6DB8706B2C26CE9643F93FA2F9834F1A

File PE Metadata
Compilation timestamp:
4/12/2008 7:16:41 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
384:DRtR8QWH+VbIDYYEjc4fHWbY+oYO4aP3DtZi:VM+R+YYOfBWafDtZi

Entry address:
0x3720

Entry point:
8B, FF, 55, 8B, EC, A1, F4, 0E, 01, 00, 85, C0, B9, 40, BB, 00, 00, 74, 04, 3B, C1, 75, 23, 8B, 15, 24, 0D, 01, 00, B8, F4, 0E, 01, 00, C1, E8, 08, 33, 02, 25, FF, FF, 00, 00, A3, F4, 0E, 01, 00, 75, 07, 8B, C1, A3, F4, 0E, 01, 00, F7, D0, A3, F0, 0E, 01, 00, 5D, E9, 1F, FF, FF, FF, CC, B4, 37, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E2, 3B, 00, 00, 90, 0C, 00, 00, A4, 37, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 30, 3C, 00, 00, 80, 0C, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
6.2721

Code size:
13.1 KB (13,440 bytes)
