home

pdmx64svc.exe

PE Dropper Monitor x64 Service

NoVirusThanks Company Srl

Publisher:
NoVirusThanks Company Srl  (signed and verified)

Product:
PE Dropper Monitor x64 Service

Version:
1.5.0.0

MD5:
3cbea689b5f455ca3ea2d3487d5c745a

SHA-1:
f75cc05bfbcdbf1be9d56acb23074eec1616fc02

SHA-256:
57fd16921cc0ce6a23497b5270bac56559315f1a593e1eeb0b0075d58d19ee7a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 3:42:00 PM UTC  (today)

File size:
1.7 MB (1,775,264 bytes)

Product version:
1.5.0.0

Copyright:
NoVirusThanks Company Srl

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\novirusthanks\pe dropper monitor\pdmx64svc.exe

Digital Signature
Signed by:
NoVirusThanks Company Srl

Authority:
GlobalSign nv-sa

Valid from:
12/11/2012 11:38:01 AM

Valid to:
3/24/2014 10:31:15 AM

Subject:
E=support@novirusthanks.org, CN=NoVirusThanks Company Srl, O=NoVirusThanks Company Srl, L=Castiglione del Lago, S=Perugia, C=IT

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11214F7DE314C1A18C514A11F52BCC29270F

File PE Metadata
Compilation timestamp:
7/12/2013 5:51:35 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:zavgi54XG7YQve3Tpaicrt6NTDXdcMFHC:O4iwGUCe3l7civTc

Entry address:
0x452000

Entry point:
48, 83, EC, 08, 50, 53, E8, 01, 00, 00, 00, CC, 58, 48, 89, C3, 48, FF, C0, 48, 2D, 00, B0, 0E, 00, 48, 2D, 87, F0, 09, 10, 48, 05, 7B, F0, 09, 10, 80, 3B, CC, 75, 19, C6, 03, 00, BB, 00, 10, 00, 00, 68, 54, 5C, 64, 23, 68, 5D, 26, 9D, 14, 53, 50, E8, 0C, 00, 00, 00, 48, 83, C0, 00, 48, 89, 44, 24, 10, 5B, 58, C3, 55, 48, 89, E5, 50, 53, 51, 56, 48, 8B, 75, 10, 8B, 4D, 18, C1, E9, 02, 8B, 45, 20, 8B, 5D, 28, 85, C9, 74, 0C, 31, 06, 01, 1E, 48, 83, C6, 04, FF, C9, EB, F0, 5E, 59, 5B, 58, C9, C2, 20, 00, E7...
 
[+]

Entropy:
7.8300  (probably packed)

Code size:
1.7 MB (1,783,808 bytes)

Scan pdmx64svc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.