home

monitor.exe

Chameleon Monitor

Evgeni Shmakov

It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in.
Publisher:
NeoSoft Tools  (signed by Evgeni Shmakov)

Product:
Chameleon Monitor

Version:
3.0.0.1083

MD5:
37a843449300707c5a2daefb93e45f05

SHA-1:
df40d8b049364636dd1ad0e3861b7577ca316d44

SHA-256:
3657bb25880fa0dc39f2a027379690a151c1a6f46e3cc434f6ca04663f1b7a4c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 12:18:06 PM UTC  (today)

File size:
5.1 MB (5,332,952 bytes)

Product version:
3.0.0.1083

Copyright:
Copyright (c) 2002-2012 NeoSoft Tools

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\common files\chameleon manager\monitor.exe

Digital Signature
Signed by:
Evgeni Shmakov

Authority:
StartCom Ltd.

Valid from:
3/23/2012 7:04:04 AM

Valid to:
3/24/2014 12:58:21 AM

Subject:
E=evgeni@neosoft-tools.com, CN=Evgeni Shmakov, L=Yekaterinburg, S=Sverdlovsk Oblast, C=RU, Description=69m13gixZc30Ix8f

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
059A

File PE Metadata
Compilation timestamp:
6/21/2012 10:46:29 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:3v9B7tqjFkIg9rQcAJvQMckRLOVtEMKo+AuDq9HTnr6DEYaKV:3v9B7tqjFkIg9rQcAJvWBJvYH

Entry address:
0x3B0FE0

Entry point:
55, 8B, EC, B9, 27, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, 57, B8, 50, FB, 79, 00, E8, 87, 9B, C5, FF, 33, C0, 55, 68, 33, 24, 7B, 00, 64, FF, 30, 64, 89, 20, A1, A8, 2F, 7E, 00, C6, 00, 00, 8D, 55, B8, B8, 01, 00, 00, 00, E8, 1C, 34, C5, FF, 8B, 45, B8, BA, 50, 24, 7B, 00, E8, 87, 68, C5, FF, 75, 0F, 68, E8, 03, 00, 00, E8, 57, AA, C5, FF, E9, BF, 13, 00, 00, 8D, 55, B4, B8, 01, 00, 00, 00, E8, F1, 33, C5, FF, 8B, 45, B4, BA, 6C, 24, 7B, 00, E8, 5C, 68, C5, FF, 0F, 85, 8F, 00, 00, 00, 68, 90...
 
[+]

Entropy:
6.6120

Developed / compiled with:
Microsoft Visual C++

Code size:
3.7 MB (3,873,280 bytes)

Scheduled Task
Task name:
Chameleon Monitor-startup-User

Trigger:
Logon (Runs on logon)


Scan monitor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.