» monitor.exe
Overview
Analysis
File Details
Behaviors (1)

monitor.exe

Chameleon Monitor

Evgeni Shmakov

It runs as a scheduled task under the Windows Task Scheduler.

File name:

monitor.exe

Publisher:

NeoSoft Tools (signed by Evgeni Shmakov)

Product:

Chameleon Monitor

Version:

3.0.0.1220

MD5:

afca142fe4c15f6f4f8579a260db6fb6

SHA-1:

e4f7c014fb5ac5283c65fba6ba3b7f1686fe1ca2

SHA-256:

6f14f65e847aae1cf62091c6bedd05801b1163bb64b2de152bbd18fc23cecae4

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/23/2024 2:28:06 PM UTC (today)

Scan engine

Detection

Engine version

Trend Micro House Call

TROJ_GEN.F47V0823

7.2.186

ViRobot

Trojan.Win32.A.Zbot.4248008

2011.4.7.4223

File size:

7.3 MB (7,626,104 bytes)

Product version:

3.0.0.1220

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\common files\chameleon manager\monitor.exe

Digital Signature

Signed by:

Evgeni Shmakov

Authority:

StartCom Ltd.

Valid from:

3/23/2012 2:04:04 AM

Valid to:

3/23/2014 7:58:21 PM

Subject:

E=evgeni@neosoft-tools.com, CN=Evgeni Shmakov, L=Yekaterinburg, S=Sverdlovsk Oblast, C=RU, Description=69m13gixZc30Ix8f

Issuer:

CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:

059A

File PE Metadata

Compilation timestamp:

2/16/2014 1:54:16 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

196608:xwbZnZxHneIKvk2inDjPnysEnZJae2XWf7+lYja:xwbZnZxHneIKvk2inDjPnysEnZJ7uWf8

Entry address:

0x537BF4

Entry point:

55, 8B, EC, 83, C4, F0, B8, 30, 67, 92, 00, E8, 04, 32, AD, FF, E8, 5B, C3, FA, FF, E8, 56, E8, AC, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.7079

Developed / compiled with:

Microsoft Visual C++

Code size:

5.2 MB (5,465,088 bytes)

Scheduled Task

Task name:

Chameleon Monitor-Henry

Scan monitor.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.