home

APMMonitor.exe

APMSETUP Monitor

Shiftworks Co.,Ltd

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘APMSETUPMONITOR’.
Publisher:
ShiftWorks  (signed by Shiftworks Co.,Ltd)

Product:
APMSETUP Monitor

Version:
1.0.0.0

MD5:
45b295447f71ed6c9180506652ebc907

SHA-1:
f6284295de29b13d24940095f7229663ab2cf958

SHA-256:
cda10b3ca17375e6dd255dca696690c9eea3cabdfd5209ed727a118a3e2e5a38

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/1/2025 3:09:39 PM UTC  (today)

File size:
337.5 KB (345,568 bytes)

Product version:
1.0.0.0

Copyright:
COPYRIGHT© SHIFTWORKS

Original file name:
APMMonitor.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Shiftworks Co.,Ltd

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
9/29/2008 4:26:39 PM

Valid to:
9/29/2009 4:26:39 PM

Subject:
CN="Shiftworks Co.,Ltd", OU=Dev team, O="Shiftworks Co.,Ltd", L="Gangnam-gu ", S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
5844A0946EF9B07E09BA8DDEE08DDD75

File PE Metadata
Compilation timestamp:
4/12/2009 5:27:01 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:35UQsXjSIy7WBfSIy7+9EVtNxxwN5luLqpQJ5e2/EkVSIy7Pn04:JUQsXjSIy7WBfSIy7+EtdLT/EgSIy7M4

Entry address:
0x41B7E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
3.5622

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
256 KB (262,144 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
APMSETUPMONITOR

Command:
C:\apm_setup\server\monitor\apmmonitor.exe


Scan APMMonitor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.