home

ahnsze.sys

AhnLab SpyZero Engine

AhnLab, Inc.

It runs as a Windows 64-bit kernel mode device driver named “AhnSZE”.
Publisher:
AhnLab, Inc.  (signed and verified)

Product:
AhnLab SpyZero Engine

Description:
AhnLab SpyZero Engine Driver(AMD64)

Version:
4.11.1.17113

MD5:
e16259fbb9b80c81fe3d8b022045cecc

SHA-1:
cd402791683833a1569d60c1ae2f81c07252c499

SHA-256:
957cd0dddadc35c4fce4c3a2223f3f951cee009cb2331e5bd1716598d0804b04

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 6:51:14 AM UTC  (today)

File size:
2.9 MB (3,048,776 bytes)

Product version:
4.0.0

Copyright:
Copyright(C) 2010 AhnLab, Inc.

Original file name:
ahnsze.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\ahnsze.sys

Digital Signature
Signed by:
AhnLab, Inc.

Authority:
VeriSign, Inc.

Valid from:
11/9/2016 8:00:00 PM

Valid to:
1/9/2018 7:59:59 PM

Subject:
CN="AhnLab, Inc.", OU=IT Service, O="AhnLab, Inc.", L=Seongnam-si, S=Gyeonggi-do, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
03E4DF64CE156A1D632DB3DFD9A06B13

File PE Metadata
Compilation timestamp:
3/13/2017 9:24:51 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
8.0

Entry address:
0x2DB010

Entry point:
48, 8B, 05, 01, 11, FC, FF, 49, B9, 32, A2, DF, 2D, 99, 2B, 00, 00, 48, 85, C0, 74, 05, 49, 3B, C1, 75, 2F, 4C, 8D, 05, E6, 10, FC, FF, 48, B8, 20, 03, 00, 00, 80, F7, FF, FF, 48, 8B, 00, 49, 33, C0, 49, B8, FF, FF, FF, FF, FF, FF, 00, 00, 49, 23, C0, 49, 0F, 44, C1, 48, 89, 05, BE, 10, FC, FF, 48, F7, D0, 48, 89, 05, AC, 10, FC, FF, E9, F7, 63, D2, FF, CC, CC, CC, 98, B0, 2D, 00, 00, 00, 00, 00, 00, 00, 00, 00, B8, B4, 2D, 00, 00, 70, 27, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Code size:
2.5 MB (2,579,968 bytes)

Driver
Display name:
AhnSZE

Type:
Kernel device driver (KernelDriver)


Scan ahnsze.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.