SHA256: e1b5394606a2ac8d0efed3721187b26dcf8b72fd709a6f30e936bbd140137c2a
File name: Monitor
Detection ratio: 0 / 66
Analysis date: 2017-12-28 14:10:54 UTC ( 1 year, 2 months ago )
Antivirus Result Update
Ad-Aware 20171225
AegisLab 20171228
AhnLab-V3 20171228
Alibaba 20171228
ALYac 20171228
Arcabit 20171228
Avast 20171228
Avast-Mobile 20171228
AVG 20171228
Avira (no cloud) 20171228
AVware 20171228
Baidu 20171227
BitDefender 20171228
Bkav 20171228
CAT-QuickHeal 20171228
ClamAV 20171228
CMC 20171228
Comodo 20171228
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20171228
Cyren 20171228
DrWeb 20171228
eGambit 20171228
Emsisoft 20171228
Endgame 20171130
ESET-NOD32 20171228
F-Prot 20171228
F-Secure 20171228
Fortinet 20171228
GData 20171228
Ikarus 20171228
Sophos ML 20170914
Jiangmin 20171228
K7AntiVirus 20171228
K7GW 20171228
Kaspersky 20171228
Malwarebytes 20171228
MAX 20171228
McAfee 20171228
McAfee-GW-Edition 20171228
Microsoft 20171228
eScan 20171228
NANO-Antivirus 20171228
nProtect 20171228
Palo Alto Networks (Known Signatures) 20171228
Panda 20171227
Qihoo-360 20171228
Rising 20171228
SentinelOne (Static ML) 20171224
Sophos AV 20171228
SUPERAntiSpyware 20171228
Symantec 20171227
Symantec Mobile Insight 20171227
Tencent 20171228
TheHacker 20171226
TotalDefense 20171228
TrendMicro 20171228
TrendMicro-HouseCall 20171228
Trustlook 20171228
VBA32 20171228
VIPRE 20171228
ViRobot 20171228
Webroot 20171228
WhiteArmor 20171226
Yandex 20171225
Zillya 20171228
ZoneAlarm by Check Point 20171228
Zoner 20171228
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2004-2006 OLYMPUS IMAGING CORP.
Product OLYMPUS Master
Original name Monitor.EXE
Internal name Monitor
File version 1, 4, 2, 5
Description resident module
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2006-05-16 08:51:03
Entry Point 0x0000463E
Number of sections 4
PE sections
PE imports
RegOpenKeyExA
RegQueryValueExA
RegFlushKey
RegEnumKeyExA
RegCloseKey
GetLastError
EnterCriticalSection
ReleaseMutex
FreeLibrary
GetVersionExA
GetModuleFileNameA
LoadLibraryA
DeleteCriticalSection
GetStartupInfoA
LocalAlloc
GetProcAddress
OpenMutexA
CreateMutexA
GetModuleHandleA
lstrcpyA
CloseHandle
LocalFree
InitializeCriticalSection
InterlockedDecrement
Sleep
InterlockedIncrement
LeaveCriticalSection
_except_handler3
__CxxFrameHandler
_mbsicmp
_acmdln
_adjust_fdiv
__p__fmode
__p__commode
__setusermatherr
_mbscmp
_setmbcp
__dllonexit
_onexit
_controlfp
exit
_XcptFilter
__getmainargs
_exit
_initterm
__set_app_type
OlyAPC_Exit
OlyAPC_RegisterEventCallback
OlyAPC_Init
OlyIL_RegisterEventCallback
OlyIL_EventExit
OlyIL_EventInit
OlyInitDetectLib
OlyCloseDetectLib
OlyGetCameraCount
OlyGetShareCount
OlyGetKuraCount
OlyGetShareVolNum
OlyGetKuraVolNum
OlyGetCamVolNum
Ord(1)
?OlyGetString@@YA?AVCString@@PAXIAAV1@@Z
Ord(10)
Ord(2)
Ord(9)
?OLYID_FNPCMD_GetImageFromCamera@@3U_GUID@@B
?OLYID_FNPCMD_Browse@@3U_GUID@@B
?OLYID_FNPCMD_GetImageFromMedia@@3U_GUID@@B
ShellExecuteA
Shell_NotifyIconA
GetCursorPos
GetSystemMetrics
SetTimer
IsWindow
LoadIconA
UpdateWindow
EnableWindow
PostMessageA
KillTimer
SendMessageA
SetForegroundWindow
GetClientRect
LoadImageA
RegisterWindowMessageA
CreatePopupMenu
AppendMenuA
SetClassLongA
GetClassLongA
InvalidateRect
CoUninitialize
StringFromIID
CoTaskMemFree
CoInitialize
?OlySetRegValue@@YAHPAUHKEY__@@PBD11@Z
?OlyGetRegValue@@YAHPAUHKEY__@@PBD1PAK@Z
?OlySetRegValue@@YAHPAUHKEY__@@PBD1K@Z
?OlyGetFolderPath@@YAHHAAVCString@@@Z
?OlyGetRegValue@@YAHPAUHKEY__@@PBD1AAVCString@@@Z
?CreateOly@COlyPushButton@@QAEHPBDVCPoint@@HPAVCWnd@@IKK@Z
??1COlyStatic@@UAE@XZ
?WindowProc@COlyDialog@@MAEJIIJ@Z
?OnInitDialog@COlyDialog@@MAEHXZ
??1COlyDialog@@UAE@XZ
?OnPaint@COlyDialog@@IAEXXZ
?WM_OLY_FIND_FOREGROUND_WINDOW@@3IA
??0COlyDialog@@QAE@IPAVCWnd@@@Z
??0COlyStatic@@QAE@XZ
??1COlyPushButton@@UAE@XZ
??0COlyPushButton@@QAE@XZ
?OnDestroy@COlyDialog@@IAEXXZ
?messageMap@COlyDialog@@1UAFX_MSGMAP@@B
?OlySkinInit@@YAHXZ
_OlyGetSkinMgrInstance@4
?OlyInitSkinOld@@YAHXZ
?OlySkinExit@@YAHXZ
Number of PE resources by type
RT_ICON 7
RT_DIALOG 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
JAPANESE DEFAULT 9
NEUTRAL 1
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.4.2.5
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 36864
EntryPoint 0x463e
OriginalFileName Monitor.EXE
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2004-2006 OLYMPUS IMAGING CORP.
FileVersion 1, 4, 2, 5
TimeStamp 2006:05:16 09:51:03+01:00
FileType Win32 EXE
PEType PE32
InternalName Monitor
ProductVersion 1, 4, 2, 5
FileDescription resident module
OSVersion 4.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName OLYMPUS IMAGING CORP.
CodeSize 16384
ProductName OLYMPUS Master
ProductVersionNumber 1.4.2.5
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 8a3ceb8d00e8947bdaf411b34c082ada
SHA1 45de69e0c688f8b231cbab955c0c8756eb81b651
SHA256 e1b5394606a2ac8d0efed3721187b26dcf8b72fd709a6f30e936bbd140137c2a
ssdeep 768:bBfL2N90hd0XvEglcfWdsk3sBznzIefXDXgdXMk49P99wM7v/HC9:bINSCEglcfWdsasREeMS9P999je
authentihash 39129bf0ec0597ed91907cf482377fe03a55da24a240deabc1818f87797caa5a
imphash e46b08cfc8eb592f21fac9aa43f362ce
File size 56.0 KB ( 57344 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe armadillo

VirusTotal metadata
First submission 2009-03-27 19:42:59 UTC ( 9 years, 12 months ago )
Last submission 2012-09-05 13:59:19 UTC ( 6 years, 6 months ago )
File names monitor.exe
monitor.exe
file-2362854_exe
Monitor
Monitor.exe
monitor.exe
Monitor.exe
Monitor.exe
monitor.exe
Monitor.exe
Monitor.EXE
13B9736600FE4508E08B00C7AFD79400FF55DDCD.exe
8A3CEB8D00E8947BDAF411B34C082ADA
Monitor.exe
monitor.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight