home

IDProtect Monitor.exe

IDProtect Client

Athena Smartcard Solutions

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘IDProtect Monitor’.
Publisher:
Athena Smartcard Solutions  (signed and verified)

Product:
IDProtect Client

Description:
IDProtect Monitor

Version:
4, 6, 0, 4

MD5:
82d85f6299d3e1bb74bdcd03d30b48ee

SHA-1:
af7cf66f9c17f9dd3ddf3b9fbf67d3d0f7a39871

SHA-256:
66387ee53fd45570fce92079c010bf016433a6dc59b6cf66b42044e51c92c14f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 3:13:14 PM UTC  (today)

File size:
316.1 KB (323,664 bytes)

Product version:
4, 6, 0, 4

Copyright:
Athena-scs (c). All rights reserved.

Original file name:
IDProtect Monitor.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\athena\idprotect client\utils\idprotect monitor.exe

Digital Signature
Signed by:
Athena Smartcard Solutions

Authority:
VeriSign, Inc.

Valid from:
4/30/2009 5:30:00 AM

Valid to:
6/16/2011 5:29:59 AM

Subject:
CN=Athena Smartcard Solutions, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Athena Smartcard Solutions, L=Herzliya, S=Herzliya, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
438192A562899CDCE1489D1C27800049

File PE Metadata
Compilation timestamp:
1/24/2010 3:15:21 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:jbblsWAW60u2WLWfKLai3BbbqMvye+PNsYEmm3xKlppkS:jXH5vma6bqGye++N3mppt

Entry address:
0x1938F

Entry point:
E8, 35, 9F, 00, 00, E9, 17, FE, FF, FF, 8B, 44, 24, 04, 85, C0, 74, 12, 83, E8, 08, 81, 38, DD, DD, 00, 00, 75, 07, 50, E8, D1, E5, FF, FF, 59, C3, 55, 8B, EC, 83, EC, 14, A1, 84, A5, 43, 00, 33, C5, 89, 45, FC, 53, 56, 33, DB, 39, 1D, 30, C7, 43, 00, 57, 8B, F1, 75, 38, 53, 53, 33, FF, 47, 57, 68, 98, 29, 43, 00, 68, 00, 01, 00, 00, 53, FF, 15, B0, B9, 43, 00, 85, C0, 74, 08, 89, 3D, 30, C7, 43, 00, EB, 15, FF, 15, 60, 01, 43, 00, 83, F8, 78, 75, 0A, C7, 05, 30, C7, 43, 00, 02, 00, 00, 00, 39, 5D, 14, 7E...
 
[+]

Entropy:
6.2308

Code size:
188 KB (192,512 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
IDProtect Monitor

Command:
"C:\Program Files\athena\idprotect client\utils\idprotect monitor.exe"


Scan IDProtect Monitor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.