clientmonitor.exe

Viatlio Corporation

The executable clientmonitor.exe has been detected as malware by 24 anti-virus scanners. It runs as a scheduled task under the Windows Task Scheduler, triggered to execute each time a user logs in.

Publisher:
Viatlio Corporation  (signed and verified)

MD5:
9dc8c08a666714d25975086985f16df6

SHA-1:
d2e48543823f03e58616e50f77fb2b9345bcf2e5

SHA-256:
dca60cc6068b630b7fc2d0e6b94a042d3892f6b640579608663ed830486d92b8

Scanner detections:
24 / 68

Status:
Malware

Analysis date:
11/27/2024 5:31:16 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.3153318 | 255 |
| AegisLab AV Signature | Troj.W32.Generic!c | 2.1.4+ |
| Avira AntiVirus | TR/Dropper.MSIL.otqj | 8.3.3.4 |
| Arcabit | Trojan.Generic.D301DA6 | 1.0.0.669 |
| avast! | Win32:Malware-gen | 2014.9-160524 |
| AVG | MSIL10 | 2017.0.2733 |
| Baidu Antivirus | Win32.Trojan.WisdomEyes.151026.9950 | 4.0.3.16524 |
| Bitdefender | Trojan.GenericKD.3153318 | 1.0.20.725 |
| Emsisoft Anti-Malware | Trojan.GenericKD.3153318 | 8.16.05.24.06 |
| ESET NOD32 | MSIL/Injector.OUU (variant) | 10.13338 |
| Fortinet FortiGate | MSIL/Injector.OSK!tr | 5/24/2016 |
| F-Secure | Trojan.GenericKD.3153318 | 11.2016-24-05_3 |
| G Data | Trojan.GenericKD.3153318 | 16.5.25 |
| IKARUS anti.virus | Trojan.MSIL.Injector | t3scan.2.0.9.0 |
| K7 AntiVirus | Trojan | 13.221.19308 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.161 |
| McAfee | Trojan-FIHN!9DC8C08A6667 | 5600.6389 |
| Microsoft Security Essentials | Trojan:Win32/Skeeyah.A!rfn | 1.1.12603.0 |
| MicroWorld eScan | Trojan.GenericKD.3153318 | 17.0.0.435 |
| NANO AntiVirus | Trojan.Win32.OUU.ebnwyx | 1.0.30.7834 |
| nProtect | Trojan.GenericKD.3153318 | 16.04.14.01 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1120 |
| Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D [F] | 23.00.65.16522 |
| VIPRE Antivirus | Trojan.Win32.Generic | 48636 |

File size:
504 KB (516,104 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\clientmonitor.exe

Digital Signature
Authority:
Viatlio Corporation

Valid from:
4/2/2016 8:02:53 PM

Valid to:
4/3/2017 8:02:53 PM

Subject:
E=viat@lio.com, CN=Viat Lio, OU=NAS Dept., O=Viatlio Corporation, L=Sydney, S=New South Wales, C=AU

Issuer:
E=viat@lio.com, CN=Viat Lio, OU=NAS Dept., O=Viatlio Corporation, L=Sydney, S=New South Wales, C=AU

Serial number:
00F2C8FB738509EF37

File PE Metadata
Compilation timestamp:
4/11/2016 4:16:54 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:HRcozXv3Qpk0fGiZpyFce1NDgq6YITbdGP9v:HpzXv8v5ZwOerIvAP

Entry address:
0x7E36E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
497 KB (508,928 bytes)

Scheduled Task
Task name:
Client Monitor

Trigger:
Logon (Runs on logon)

