emmon.exe

BDA Monitor Application

Hauppauge Computer Works

It is set to execute automatically when any user logs into Windows, through a Run registry entry named 'emMON'.

Publisher:
eMPIA Technology, Inc.  (signed by Hauppauge Computer Works)

Product:
BDA Monitor Application

Version:
5, 6, 1215, 0

MD5:
6c8a7bbf0d3d63534c80e25be7a554aa

SHA-1:
721c27c751078121948d2a6be8d4e6082a2d3c96

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/30/2024 3:43:51 PM UTC

File size:
66.8 KB (68,400 bytes)

Product version:
5, 6, 1215, 0

Copyright:
Copyright (C) eMPIA Technology, Inc. 2002-2006

Original file name:
emmon.rc

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\windows\emmon.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
7/20/2006 8:00:00 PM

Valid to:
8/27/2008 7:59:59 PM

Subject:
CN=Hauppauge Computer Works, OU=Engineering, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Hauppauge Computer Works, L=Hauppauge, S=New York, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
135AFCB71B918A1C43D7CA094D752560

File PE Metadata
Compilation timestamp:
12/15/2006 6:54:28 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:Td/EMrEvj2e1NUfueI9Rqkge8GUNsqfKTKG/eDseo+B4L3emMbb:JWie1NUme1NsnWG/6og4Rob

Entry address:
0x552B

Entry point:
55, 8B, EC, 6A, FF, 68, 90, A2, 40, 00, 68, 6C, 72, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, C4, A0, 40, 00, 33, D2, 8A, D4, 89, 15, 24, D1, 40, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 20, D1, 40, 00, C1, E1, 08, 03, CA, 89, 0D, 1C, D1, 40, 00, C1, E8, 10, A3, 18, D1, 40, 00, 33, F6, 56, E8, 9E, 1C, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, DE, 1A, 00, 00, FF, 15, C0, A0, 40, 00, A3, 38, E6, 40, 00, E8...
 

Entropy:
5.7341

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
36 KB (36,864 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
emMON

Command:
emmon.exe

