home

gmonadmin.exe

Medizin & Service GmbH

It runs as a scheduled task under the Windows Task Scheduler.
Publisher:
Medizin & Service GmbH  (signed and verified)

Version:
3.1.0.0

MD5:
04e18488e613ec054bf6cf63742ab043

SHA-1:
60602d6a6a72c6ca522211767ece6322f231a57a

SHA-256:
8fc36e73fe02133a8f19c3552788f24ac2a8952d566a47ddfe420acd14d97036

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 12:43:12 AM UTC  (today)

File size:
1.5 MB (1,595,952 bytes)

Copyright:
(c) 2012 by Medizin & Service GmbH

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Common path:
C:\Program Files\medserv\gmon3\gmonadmin.exe

Digital Signature
Signed by:
Medizin & Service GmbH

Authority:
COMODO CA Limited

Valid from:
10/10/2011 2:00:00 AM

Valid to:
10/10/2014 1:59:59 AM

Subject:
CN=Medizin & Service GmbH, O=Medizin & Service GmbH, STREET=Boettcherstraße 10, L=Chemnitz, S=Sachsen, PostalCode=09117, C=DE

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
1EE4FD888ED0210757CBD4FEBF4203C1

File PE Metadata
Compilation timestamp:
6/18/2012 1:47:16 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:IbPXfJeMYN15XZkomQP9VfBod2fspPsVf3yU1cPiQ91G:+wpmE4Ps9AiQ91G

Entry address:
0x128AF0

Entry point:
55, 8B, EC, 83, C4, F0, B8, 48, 6C, 52, 00, E8, F8, FD, ED, FF, E8, 4F, 35, FF, FF, 84, C0, 75, 60, A1, CC, EF, 52, 00, 8B, 00, E8, 8B, F4, F5, FF, A1, CC, EF, 52, 00, 8B, 00, BA, 7C, 8B, 52, 00, E8, DE, EE, F5, FF, 8B, 0D, 2C, EC, 52, 00, A1, CC, EF, 52, 00, 8B, 00, 8B, 15, AC, B6, 51, 00, E8, 7A, F4, F5, FF, A1, CC, EF, 52, 00, 8B, 00, E8, BE, F5, F5, FF, A1, 38, ED, 52, 00, 80, 38, 00, 74, 15, A1, F4, EB, 52, 00, 8B, 00, E8, E8, B1, ED, FF, A1, F4, EB, 52, 00, 33, D2, 89, 10, E8, 72, C2, ED, FF, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1.2 MB (1,207,808 bytes)

Scheduled Task
Task name:
{1C89803F-B43E-49BE-B252-E8366D982142}

Trigger:
Registration (Runs on registration)


Scan gmonadmin.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.