home

nmservermon.exe

NetModem

PC Micro Systems Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘NetModem Server Monitor’.
Publisher:
PC Micro  (signed by PC Micro Systems Inc.)

Product:
NetModem

Description:
NetModem Server

Version:
3, 9, 3, 0

MD5:
c0253183bc9a0ca6aff0f93c1cbe5e34

SHA-1:
7425363c8e8933319ded07fb7dd24c9a8828b3e1

SHA-256:
d48d5955daab3765292ef237482cc6ced11ce6a8439ece4c0268006ca8d38cf8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/8/2024 1:30:56 AM UTC  (today)

File size:
365.8 KB (374,624 bytes)

Product version:
3, 9, 3, 0

Copyright:
Copyright © 1997-2012 PC Micro Systems, Inc. && Odin SW

Trademarks:
NetModem is a Trademark of PC Micro Systems, Inc.

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\netmodem\server\nmservermon.exe

Digital Signature
Signed by:
PC Micro Systems Inc.

Authority:
GlobalSign nv-sa

Valid from:
4/29/2010 4:51:59 PM

Valid to:
4/29/2012 4:51:57 PM

Subject:
E=support@pcmicro.com, CN=PC Micro Systems Inc., O=PC Micro Systems Inc., L=Thousand Oaks, S=CA, C=US

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
010000000001284BC49063

File PE Metadata
Compilation timestamp:
3/22/2012 10:26:09 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:16lgNkZ3mlsl0Zb7Vy0FyNTpMpYH3UutdKrhKaGmO9Q4nz+m1+og:Elgy3mlhR802pMabdKRM6m1u

Entry address:
0x2F140

Entry point:
48, 83, EC, 28, E8, D7, 05, 00, 00, 48, 83, C4, 28, E9, BE, FC, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 6C, 24, 10, 48, 89, 74, 24, 18, 48, 89, 7C, 24, 20, 41, 54, 48, 83, EC, 20, 4D, 8B, 51, 38, 48, 8B, F2, 4D, 8B, E0, 41, 8B, 02, 48, 8B, E9, 49, 8B, D1, 48, 03, C0, 48, 8B, CE, 49, 8B, F9, 49, 8D, 5C, C2, 04, 4C, 8B, C3, E8, 3D, 06, 00, 00, F6, 45, 04, 66, 44, 8B, 1B, 75, 06, 41, 83, E3, 01, EB, 04, 41, 83, E3, 02, 45, 85, DB, 74, 13, 4C, 8B, CF, 4D, 8B...
 
[+]

Entropy:
5.8184

Code size:
189 KB (193,536 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
NetModem Server Monitor

Command:
C:\Program Files\netmodem\server\nmservermon.exe -service


Scan nmservermon.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.