» USBMonitorProtect.sys
Overview
Analysis
File Details
Behaviors (1)

USBMonitorProtect.sys

USB Device Plug and Play Monitor Host

深圳市哈奇世界科技有限公司

It runs as a Windows kernel mode device driver named “USBMonitorProtect”.

File name:

Publisher:

DriveTheLife Corporation (signed by 深圳市哈奇世界科技有限公司)

Product:

USB Device Plug and Play Monitor Host

Version:

1.2.1.6

MD5:

f05c8c6ed220bd541188031a751a2f29

SHA-1:

a3ec599dcca729db389e79645c1e769ac8178264

SHA-256:

b90c479f3b39eaa38d505b48c8b589b7531d94492e010ad6ad6227763e51a6fc

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/24/2024 8:36:18 AM UTC (today)

File size:

564.8 KB (578,384 bytes)

Product version:

1.2.1.6

Original file name:

USBMonitorProtect.sys

File type:

Driver (Win32 SYS)

Language:

Language Neutral

Common path:

C:\Program Files\usbboxlite\usbmonitorprotect.sys

Digital Signature

Signed by:

深圳市哈奇世界科技有限公司

Authority:

VeriSign, Inc.

Valid from:

5/9/2016 1:00:00 AM

Valid to:

2/16/2018 11:59:59 PM

Subject:

CN=深圳市哈奇世界科技有限公司, OU=IT Dept, O=深圳市哈奇世界科技有限公司, L=Shenzhen, S=Guangdong, C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

7F5E1C96CD50E8874AE42B693BC2A45D

File PE Metadata

Compilation timestamp:

12/23/2015 9:53:37 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

12288:qiq/7VDHCJXZzZUX+ORT5ksW5uApTiQjKE+7TEsr:qR7VCJXUbJ5KXOQjKZ7TEsr

Entry address:

0x1090

Entry point:

55, 8B, EC, 83, E4, F8, 83, EC, 1C, 53, 56, 57, 68, 31, 74, 6C, 4D, 33, FF, 68, 18, 02, 00, 00, 57, 89, 7C, 24, 18, 89, 7C, 24, 24, 89, 7C, 24, 28, FF, 15, 2C, C0, 40, 00, 3B, C7, 74, 0A, C7, 00, 24, C3, 40, 00, 8B, C8, EB, 02, 33, C9, 8B, 01, 8B, 50, 04, 68, 48, C2, 40, 00, 89, 0D, 74, F0, 40, 00, FF, D2, 8B, 35, 40, C0, 40, 00, 68, 9C, C2, 40, 00, 8D, 44, 24, 14, 50, FF, D6, 68, D0, C2, 40, 00, 8D, 4C, 24, 24, 51, FF, D6, 8B, 5D, 08, B8, 70, 1A, 40, 00, 89, 43, 3C, 89, 43, 44, 89, 43, 48, 89, 43, 4C, 89... 
[+]

Entropy:

6.7796

Developed / compiled with:

Microsoft Visual C++

Code size:

536.5 KB (549,376 bytes)

Driver

Display name:

USBMonitorProtect

Type:

Kernel device driver (KernelDriver)

Scan USBMonitorProtect.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.