regmon64.exe

Sysinternals Regmon

Mark's Certificate

Publisher:
Sysinternals  (signed by Mark's Certificate)

Product:
Sysinternals Regmon

Description:
Sysinternals Registry Monitor

Version:
7.03

MD5:
831aab3212fb0978b7584ad77ca60dc7

SHA-1:
8fcf2e413d5e39ab586250a6b04679cdce2bef94

SHA-256:
4c77308331d6a40ed7375ae57f1141f64ddc8b9f7d1e582dd6385e9941344d6d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/17/2024 11:16:58 PM UTC

File size:
206 KB (210,968 bytes)

Product version:
7.03

Copyright:
Copyright © 1996-2006 Mark Russinovich and Bryce Cogswell

Original file name:
Regmon.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\regmon64.exe

Digital Signature
Authority:
Mark's Certificate

Valid from:
12/31/2004 11:00:00 PM

Valid to:
12/31/2010 11:00:00 PM

Subject:
CN=Mark's Certificate

Issuer:
CN=Mark's Certificate

Serial number:
DBC72CC7C648558741FAE6250666BC73

File PE Metadata
Compilation timestamp:
7/14/2006 9:18:08 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:CDFpvf5fzRZaZ3eBt1JasNbXkj4f+Y4J5w+QaJ8ReAJJv1s4YbPFCiLwOfkR:wPvp/0e3dNbXkjsIQ5eAJJds4I4Z

Entry address:
0xCAB0

Entry point:
48, 81, EC, C8, 00, 00, 00, 48, 89, 9C, 24, C0, 00, 00, 00, 48, 89, BC, 24, B8, 00, 00, 00, 48, 8D, 4C, 24, 40, FF, 15, 2E, C8, 00, 00, 90, FF, 15, 9F, C8, 00, 00, 48, 8B, C8, 41, B8, 94, 00, 00, 00, 33, D2, FF, 15, 96, C8, 00, 00, 48, 8B, D8, 48, 85, C0, 75, 2C, 83, 3D, FF, 64, 01, 00, 01, 75, 05, E8, 50, 43, 00, 00, B9, 12, 00, 00, 00, E8, 16, 41, 00, 00, B9, FF, 00, 00, 00, E8, AC, 3E, 00, 00, B8, FF, 00, 00, 00, E9, 2C, 02, 00, 00, C7, 00, 94, 00, 00, 00, 48, 8B, C8, FF, 15, 13, C8, 00, 00, 85, C0, 75...
 

Entropy:
5.8528

Code size:
94 KB (96,256 bytes)
