home

PacketMonitorResident.exe

フレッツ 光ライト/光ライトプラス 導入診断ツール

NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Packet Monitor Graph’.
Publisher:
東日本電信電話株式会社  (signed by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION)

Product:
フレッツ 光ライト/光ライトプラス 導入診断ツール

Version:
1, 2, 2, 0

MD5:
839f55f6c179e4c0f18c2565e6b14468

SHA-1:
87411f991e35079d6502445ddccd35f294e9476c

SHA-256:
ae2338f7516bd1ecd87a71b18d2fa8b303ad1c99cdf0311e18a319e577170955

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 10:35:07 PM UTC  (today)

File size:
873.2 KB (894,192 bytes)

Product version:
1, 2, 2, 0

Copyright:
Copyright(C)2016 東日本電信電話株式会社

Original file name:
PacketMonitorResident.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\ntte\communicationchargediagnosistool\packetmonitorresident.exe

Digital Signature
Signed by:
NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION

Authority:
Symantec Corporation

Valid from:
1/27/2016 9:00:00 AM

Valid to:
1/27/2017 8:59:59 AM

Subject:
CN=NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION, OU=New Business Development Headquarters 1st Division, O=NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION, L=Shinjuku-ku, S=Tokyo, C=JP

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
5CF17E9F188F177A5750153FFCBEACD3

File PE Metadata
Compilation timestamp:
2/25/2016 2:04:19 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:iATNrdlGOLWxWXyAnwOiIDl9qomtU1uO5RU5XFW:iAxrWxWfpi49qomtU1uO5RU5X0

Entry address:
0x36933

Entry point:
E8, 49, 9A, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 56, 33, F6, 3B, C6, 75, 1C, E8, A9, 3E, 00, 00, 56, 56, 56, 56, 56, C7, 00, 16, 00, 00, 00, E8, 6F, F3, FF, FF, 83, C4, 14, 33, C0, EB, 06, 8B, 40, 0C, 83, E0, 20, 5E, 5D, C3, 6A, 0C, 68, D8, 38, 4A, 00, E8, 1F, 38, 00, 00, 33, FF, 89, 7D, E4, 33, C0, 8B, 75, 0C, 3B, F7, 0F, 95, C0, 3B, C7, 75, 20, E8, 65, 3E, 00, 00, C7, 00, 16, 00, 00, 00, 57, 57, 57, 57, 57, E8, 2B, F3, FF, FF, 83, C4, 14, 83, C8, FF, E9, BC, 00, 00, 00, 56, E8, 38...
 
[+]

Entropy:
6.6861

Code size:
557 KB (570,368 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Packet Monitor Graph

Command:
C:\Program Files\ntte\communicationchargediagnosistool\packetmonitorresident.exe


Scan PacketMonitorResident.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.