home

op_mon.exe

Agnitum Outpost

Agnitum Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘OutpostMonitor’.
Publisher:
Agnitum Ltd.  (signed and verified)

Product:
Agnitum Outpost

Description:
Outpost User Interface

Version:
9.1.4652.16323

MD5:
5bde0e49e9c0476d8defceba57f7fa33

SHA-1:
510f7b08db1ce5f6ca6f3f34608288d57c293c73

SHA-256:
e41eedd8ec1be370748059a2e18b7fe77dc8ede6320187ed9fb66c0bf8833726

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 1:48:18 PM UTC  (today)

File size:
3.6 MB (3,723,368 bytes)

Product version:
9.1.4652.16323

Copyright:
Copyright (C) 1999-2013 Agnitum Ltd.

Original file name:
op_mon.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\agnitum\outpost security suite pro\op_mon.exe

Digital Signature
Signed by:
Agnitum Ltd.

Authority:
VeriSign, Inc.

Valid from:
2/9/2013 3:00:00 AM

Valid to:
2/10/2015 2:59:59 AM

Subject:
CN=Agnitum Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Agnitum Ltd., L=St. Petersburg, S=Russian Federation, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5D7CD2252D7F9D3B32D4D9157E1F194B

File PE Metadata
Compilation timestamp:
7/23/2014 5:43:03 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:+UhUalscMlnzU4Tzg5Pwc5P0SA0EuotHQWXWNGA2lWAWkGUWyPDARe4rwKSg1oY9:+bzbTs5P3lvQPwK+9QGT9

Entry address:
0x221AF2

Entry point:
E8, 53, 05, 00, 00, E9, 24, FD, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 4C, 30, 6F, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 4C, 30, 6F, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B...
 
[+]

Code size:
2.4 MB (2,494,464 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
OutpostMonitor

Command:
"C:\Program Files1\agnitum\outpos~1\op_mon.exe" \tray \noservice


Scan op_mon.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.