viritmon.sys

VirIT Security Monitor

TG Soft S.a.s. Di Tonello Gianfranco e C.

It runs as a Windows kernel-mode device driver named “VIRITMON”.
Publisher:
TG Soft S.a.s. - www.tgsoft.it (signed by TG Soft S.a.s. Di Tonello Gianfranco e C.)

Product:
VirIT Security Monitor

Version:
3, 29, 0, 0

MD5:
87a4334fd5851fb9424cdadb1285e8e7

SHA-1:
ffddbe427d95b4bd701235c180fab50eec86c5ce

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 3:07:47 PM UTC

File size:
201.9 KB (206,720 bytes)

Product version:
3, 29, 0, 0

Copyright:
Copyright (C) TG Soft S.a.s. 1999-2015

Original file name:
viritmon.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
12/31/2012 1:00:00 AM

Valid to:
3/1/2016 12:59:59 AM

Subject:
CN=TG Soft S.a.s. Di Tonello Gianfranco e C., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=TG Soft S.a.s. Di Tonello Gianfranco e C., L=Rubano, S=Padova, C=IT

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4CCCACCF48F6D93FB37178D7FCE6209C

File PE Metadata
Compilation timestamp:
9/28/2015 10:35:35 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
6.0

CTPH (ssdeep):
1536:Bpn2uKm0gQJy0hYByYmyXN+eNNJbJHFF14Je0sj7O2L6flddjC43HAqFUCQrQSyO:BpnLKjh5yX5zHFF1n3h6fB7QaUZS7y

Entry address:
0x772A

Entry point:
55, 8B, EC, 81, EC, 84, 01, 00, 00, 53, 56, 57, 6A, 08, 59, BE, CE, 72, 01, 00, 8D, 7D, A8, 6A, 0A, F3, A5, 66, A5, 59, BE, F2, 72, 01, 00, 8D, BD, 7C, FF, FF, FF, 6A, 01, F3, A5, 66, A5, 5E, 8D, 45, FC, 33, DB, 50, 8D, 45, F8, 53, 83, 4D, FC, FF, 50, 68, 1E, 73, 01, 00, 68, 32, 73, 01, 00, 6A, 02, 89, 35, 64, AE, 02, 00, 5F, 89, 35, E0, AD, 02, 00, 57, 89, 35, 68, 19, 02, 00, 89, 1D, A8, 6D, 02, 00, 89, 1D, 20, 3D, 02, 00, E8, 87, A0, FF, FF, 83, 7D, FC, FF, 74, 17, 56, 53, 6A, 04, 68, 56, 73, 01, 00, 68...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
68.8 KB (70,496 bytes)

Driver
Display name:
VIRITMON

Type:
Kernel device driver (KernelDriver)

