viritmon.sys

VirIT Security Monitor

TG Soft S.a.s. Di Tonello Gianfranco e C.

It runs as a Windows kernel-mode device driver named “VIRITMON”.

Publisher:
TG Soft S.a.s. - www.tgsoft.it (signed by TG Soft S.a.s. Di Tonello Gianfranco e C.)

Product:
VirIT Security Monitor

Version:
3, 25, 0, 11

MD5:
de564d2218a9190dac032107683a3a7e

SHA-1:
cc118cc1b7a6f48cbdb68c22dffa51c5104210c2

SHA-256:
e7e9c301aa4c3582587a4556adfc2e9f8ec28dd0604a94965c151522938561ec

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/11/2024 2:01:29 AM UTC

File size:
198.7 KB (203,448 bytes)

Product version:
3, 25, 0, 11

Copyright:
Copyright (C) TG Soft S.a.s. 1999-2015

Original file name:
viritmon.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
12/31/2012 1:00:00 AM

Valid to:
3/1/2016 12:59:59 AM

Subject:
CN=TG Soft S.a.s. Di Tonello Gianfranco e C., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=TG Soft S.a.s. Di Tonello Gianfranco e C., L=Rubano, S=Padova, C=IT

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4CCCACCF48F6D93FB37178D7FCE6209C

File PE Metadata
Compilation timestamp:
5/14/2015 1:03:05 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
6.0

CTPH (ssdeep):
1536:4Su2lSDP5H6Ey6BXEXWv6I5o/rSwvXN1hiQZh75P/hldBDfvixMQiQPQPHP:4nG05Py6BXxoTSwvd7ZvhlDSix/P

Entry address:
0x70E4

Entry point:
55, 8B, EC, 81, EC, 74, 01, 00, 00, 53, 56, 57, 6A, 08, 59, BE, 74, 6E, 01, 00, 8D, 7D, B8, 6A, 0A, F3, A5, 66, A5, 59, BE, 98, 6E, 01, 00, 8D, 7D, 8C, 6A, 01, F3, A5, 58, 33, DB, A3, A4, A6, 02, 00, A3, 20, A6, 02, 00, A3, C8, 11, 02, 00, 8D, 45, EC, 50, 8D, 45, F4, 53, 50, 68, C4, 6E, 01, 00, 68, D0, 6E, 01, 00, 66, A5, 6A, 02, 89, 1D, 08, 66, 02, 00, 5F, 89, 1D, 80, 35, 02, 00, 57, E8, F9, A5, FF, FF, 81, 7D, EC, 34, 12, 00, 00, 75, 24, 68, E4, 6E, 01, 00, 68, F4, 6E, 01, 00, 57, E8, E6, A3, FF, FF, 53...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
66.9 KB (68,512 bytes)

Driver
Display name:
VIRITMON

Type:
Kernel device driver (KernelDriver)

