home

ms6monitor.exe

Level 10 M Monitor Application

DEXIN

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Tt eSPORTS THERON Gaming Mouse’.
Publisher:
Thermaltake  (signed by DEXIN)

Product:
Level 10 M Monitor Application

Version:
1, 0, 0, 1

MD5:
f83979b11bf772ad9d14ce4e42bba0a7

SHA-1:
c0858f74a4bc22f067029ce812bc05161ef4f383

SHA-256:
35d821cf2280c466738cbd401839a7ded3f63161afe881555b0fc0a01235de78

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 1:20:54 AM UTC  (today)

File size:
117 KB (119,776 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2012

Original file name:
BLACKMonitor.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Traditional, Taiwan)

Common path:
C:\Program Files\tt esports\tt esports theron infrared\ms6monitor.exe

Digital Signature
Signed by:
DEXIN

Authority:
VeriSign, Inc.

Valid from:
5/25/2012 5:00:00 PM

Valid to:
3/5/2015 3:59:59 PM

Subject:
CN=DEXIN, OU=Research & Developement, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=DEXIN, L="Chung Ho City, Taipei County", S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
622C47C38CA306EB0ABF7F90EB635E6E

File PE Metadata
Compilation timestamp:
10/18/2012 11:02:30 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:mp5MmAyeHUPoMMNYR7JbwGYlQrCMu+CM+TtBVsYIPkRGYaOUrPiyzY:mzM6e0PZwYR9ClQOMibtkVrOUrPiyz

Entry address:
0x64A0

Entry point:
E8, B0, 29, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 88, 91, 41, 00, 89, 0D, 84, 91, 41, 00, 89, 15, 80, 91, 41, 00, 89, 1D, 7C, 91, 41, 00, 89, 35, 78, 91, 41, 00, 89, 3D, 74, 91, 41, 00, 66, 8C, 15, A0, 91, 41, 00, 66, 8C, 0D, 94, 91, 41, 00, 66, 8C, 1D, 70, 91, 41, 00, 66, 8C, 05, 6C, 91, 41, 00, 66, 8C, 25, 68, 91, 41, 00, 66, 8C, 2D, 64, 91, 41, 00, 9C, 8F, 05, 98, 91, 41, 00, 8B, 45, 00, A3, 8C, 91, 41, 00, 8B, 45, 04, A3, 90, 91, 41, 00, 8D, 45, 08, A3, 9C, 91, 41...
 
[+]

Entropy:
5.6699

Code size:
53.5 KB (54,784 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Tt eSPORTS THERON Gaming Mouse

Command:
"C:\Program Files\tt esports\tt esports theron infrared\ms6monitor.exe" \automation


The file ms6monitor.exe has been discovered within the following program.

Tt eSPORTS THERON Infrared  by Tt eSPORTS
About 5% of users remove it
 
Powered by Should I Remove It?

Scan ms6monitor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.