VolosMonitor.exe

Volos Monitor Application

DEXIN

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Tt eSPORTS VOLOS Gaming Mouse’.
Publisher:
Thermaltake (signed by DEXIN)

Product:
Volos Monitor Application

Version:
1, 0, 0, 1

MD5:
c8ddbc1288701ba681d834d64ee289b9

SHA-1:
ec1e758d837a91dd73e362a24a64acac70d408aa

SHA-256:
d016ad3371f45c534840ff5cccd919ca46ffca4a833d5d6af9c876777927c9ea

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 6:16:55 AM UTC

File size:
144.3 KB (147,752 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2012

Original file name:
VolosMonitor.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Traditional, Taiwan)

Common path:
C:\Program Files\tt esports\tt esports volos\volosmonitor.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
5/25/2012 7:00:00 PM

Valid to:
3/5/2015 5:59:59 PM

Subject:
CN=DEXIN, OU=Research & Developement, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=DEXIN, L="Chung Ho City, Taipei County", S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
622C47C38CA306EB0ABF7F90EB635E6E

File PE Metadata
Compilation timestamp:
8/21/2014 7:52:36 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
1536:b4ta1FR8KzHuPADwl8OEixcotKlcciNiQo4sWjcd+XPXm/Y6I2KiXj:bBFOPuHFij2n+XPXm/Y6vxj

Entry address:
0x6CAD

Entry point:
E8, 3D, 2D, 00, 00, E9, 7F, FE, FF, FF, 6A, 08, 68, 20, 94, 41, 00, E8, 8D, 00, 00, 00, FF, 35, 48, 06, 42, 00, FF, 15, 24, 41, 41, 00, 85, C0, 74, 16, 83, 65, FC, 00, FF, D0, EB, 07, 33, C0, 40, C3, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, 01, 00, 00, 00, CC, 6A, 08, 68, 00, 94, 41, 00, E8, 55, 00, 00, 00, E8, 02, 25, 00, 00, 8B, 40, 78, 85, C0, 74, 16, 83, 65, FC, 00, FF, D0, EB, 07, 33, C0, 40, C3, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, 53, 2E, 00, 00, CC, E8, DA, 24, 00, 00, 8B, 40, 7C, 85, C0...
 

Entropy:
5.8838

Code size:
72.5 KB (74,240 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Tt eSPORTS VOLOS Gaming Mouse

Command:
"C:\Program Files\tt esports\tt esports volos\volosmonitor.exe" \automation


The file VolosMonitor.exe has been discovered within the following program.

Tt eSPORTS VOLOS by Tt eSPORTS
About 6% of users remove it
 