lmadimon.exe

Lexmark International, Inc.

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘LMADImon’.
Publisher:
Lexmark International, Inc.  (signed and verified)

Description:
Printer Device Monitor

Version:
0.1.25.0

MD5:
c0d16a7e2c54b394892a08c90afe69bf

SHA-1:
4e140a3f0c260a773ea2b099d55c967498aa3dfa

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/2/2016 11:31:40 PM UTC  (today)

File size:
924.7 KB (946,856 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\lexmark pro710 series\lmadimon.exe

Digital Signature
Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
6/22/2009 7:00:00 PM

Valid to:
8/3/2011 6:59:59 PM

Subject:
CN="Lexmark International, Inc.", OU=PS&SD BUSINESS SOFTWARE & SOLUTIONS, O="Lexmark International, Inc.", L=Lexington, S=Kentucky, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
379E69DA6C2693E3297B6FE45D78EBE1

File PE Metadata
Compilation timestamp:
6/17/2011 2:36:43 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:CzkZSVXl7cdkp/11tuxfs1cp87m6/H18z0K20sMU/sfm58Z/f+1oUrPlPfAN9fq:CQHdkZdua1c877H1YZfm580tPlXANk

Entry address:
0x6058A

Entry point:
E8, 3A, F5, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 51, 53, 56, 8B, F1, 33, DB, 3B, F3, 75, 1E, E8, D0, 5B, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, FB, D5, FF, FF, 83, C4, 14, 8B, C6, E9, A9, 00, 00, 00, 39, 5D, 08, 57, 77, 1E, E8, AC, 5B, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, D7, D5, FF, FF, 83, C4, 14, 8B, C6, E9, 84, 00, 00, 00, 33, C9, 39, 5D, 10, 88, 1E, 0F, 95, C1, 41, 39, 4D, 08, 77, 09, E8, 7E, 5B, 00, 00, 6A, 22, EB, D0, 8B, 4D, 0C, 83, C1, FE, 83, F9, 22, 77, BE, 39, 5D...
 
[+]

Entropy:
6.4133

Code size:
748 KB (765,952 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
LMADImon

Command:
"C:\Program Files\lexmark pro710 series\lmadimon.exe"