home

SASDMonitorWinSvc.exe

SASDMonitorWinSvc

Cisco Systems

It runs as a separate (within the context of its own process) windows Service named “Cisco SASD Monitor Service”.
Publisher:
Cisco Systems, Inc.  (signed by Cisco Systems)

Product:
SASDMonitorWinSvc

Version:
1.0.0.0

MD5:
98ae935f885d411c320522bb7645ae60

SHA-1:
343dff37e59bf703d58b2e1efd24bdc9d5c86d2b

SHA-256:
8bb7b60579149e46d6a5ca0d4562f1f6bfae4049b665e3388aabc023e9b2436d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 11:57:50 AM UTC  (today)

File size:
17.2 KB (17,584 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Cisco Systems 2012

Original file name:
SASDMonitorWinSvc.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\cisco\safety and security desktop x64\sasdmonitorwinsvc.exe

Digital Signature
Signed by:
Cisco Systems

Authority:
Thawte, Inc.

Valid from:
1/31/2012 4:00:00 PM

Valid to:
3/30/2014 4:59:59 PM

Subject:
CN=Cisco Systems, OU=INFORMATION SECURITY, O=Cisco Systems, L=San Jose, S=California, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7147A90EDAB87546A8EFF16033FD9EB5

File PE Metadata
Compilation timestamp:
8/15/2013 3:21:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
192:eGqbWSIAqFgby/cazupgQGxmVM1enf9gk83F0ou7+wse+PjP816BfsSM:ejbzaFgbykuupgrgM4nFg/uSPL8j

Entry address:
0x3CDE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.0758

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
7.5 KB (7,680 bytes)

Service
Display name:
Cisco SASD Monitor Service

Service name:
SASDMonitorWindowsService

Type:
Win32OwnProcess


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.