home

monitor.exe

BACK Monitor Application

Sunplus Innovation Technology Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Integrated Camera_Monitor’.
Publisher:
SunplusIT, Inc.  (signed by Sunplus Innovation Technology Inc.)

Product:
BACK Monitor Application

Version:
2.3.2.32

MD5:
04ee7516745f6045bdd3e7f4aa2c341a

SHA-1:
7cc0b74106f76d4e19ffb978b3146781ff419fa8

SHA-256:
b28f2c52c76fc9a507a54e2661d29113e21e58edbaea4aa6eec69d209e86b02d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 11:02:56 AM UTC  (today)

File size:
1.6 MB (1,719,968 bytes)

Product version:
2.3.2.32

Copyright:
CopyRight (C) 2010-2015

Original file name:
BACK.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\integrated camera\monitor.exe

Digital Signature
Signed by:
Sunplus Innovation Technology Inc.

Authority:
VeriSign, Inc.

Valid from:
12/2/2013 6:00:00 PM

Valid to:
1/19/2017 5:59:59 PM

Subject:
CN=Sunplus Innovation Technology Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Sunplus Innovation Technology Inc., L=Hsinchu, S=Hsinchu, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
49CB7BCC9A56E357497F8C172FCC181C

File PE Metadata
Compilation timestamp:
2/19/2014 8:31:58 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
49152:e7OPeX8IbOx4JcJzBc5ku0hSERzZI5SdNDSPiR:gOPeX63WybqSdkPw

Entry address:
0x122BEE

Entry point:
E8, 88, C5, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, C0, 5D, 59, 00, E8, 9C, 21, 00, 00, E8, 55, C7, 00, 00, 0F, B7, F0, 6A, 02, E8, 1B, C5, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 8A, BA, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Entropy:
7.8001  (probably packed)

Code size:
1.3 MB (1,357,312 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Integrated Camera_Monitor

Command:
"C:\Program Files\integrated camera\monitor.exe"


Scan monitor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.