home

gmonpro281_oju.exe

Medizin & Service GmbH

This is a setup program which is used to install the application. The file has been seen being downloaded from www.gmon.eu.
Publisher:
Medizin & Service GmbH  (signed and verified)

Version:
2.8.1.0

MD5:
faa304a65c16a640cc99fcf61be0eff9

SHA-1:
121cbeabf2b4c2e19afdfabe437fc93b6b44f00e

SHA-256:
26eaba716ce5dfcc595fb33df0256ccd654fced351516d33cae2b7fe311bc727

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 1:20:10 AM UTC  (today)

File size:
13.9 MB (14,598,664 bytes)

Product version:
1.0.0.0

Copyright:
(c) 2013 by Medizin & Service GmbH

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Common path:
C:\users\{user}\downloads\gmonpro281_oju.exe

Digital Signature
Signed by:
Medizin & Service GmbH

Authority:
COMODO CA Limited

Valid from:
10/10/2011 2:00:00 AM

Valid to:
10/10/2014 1:59:59 AM

Subject:
CN=Medizin & Service GmbH, O=Medizin & Service GmbH, STREET=Boettcherstraße 10, L=Chemnitz, S=Sachsen, PostalCode=09117, C=DE

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
1EE4FD888ED0210757CBD4FEBF4203C1

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:IvN/es4oDJyO2MDhPBl4TO12IzGy8wL3TFr:sN2XoNyOXOOQcXJ

Entry address:
0x7E784

Entry point:
55, 8B, EC, 83, C4, F0, B8, 54, D6, 47, 00, E8, C8, 7E, F8, FF, A1, C8, 24, 48, 00, 8B, 00, E8, 68, 4A, FE, FF, A1, C8, 24, 48, 00, 8B, 00, BA, E4, E7, 47, 00, E8, D7, 44, FE, FF, 8B, 0D, F0, 23, 48, 00, A1, C8, 24, 48, 00, 8B, 00, 8B, 15, C4, 52, 47, 00, E8, 57, 4A, FE, FF, A1, C8, 24, 48, 00, 8B, 00, E8, CB, 4A, FE, FF, E8, 6E, 5F, F8, FF, 00, 00, FF, FF, FF, FF, 11, 00, 00, 00, 49, 6E, 73, 74, 61, 6C, 6C, 61, 74, 69, 6F, 6E, 20, 47, 4D, 4F, 4E, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
500.5 KB (512,512 bytes)

The file gmonpro281_oju.exe has been seen being distributed by the following URL.

http://www.gmon.eu/download/.../GMonProV281_oju

Scan gmonpro281_oju.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.