SimpleStarSmartMonitor.exe

SimpleStar Smart Monitor

Vapc Lux Sarl

The application SimpleStarSmartMonitor.exe by Vapc Lux Sarl has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
SimpleStar  (signed by Vapc Lux Sarl)

Product:
SimpleStar Smart Monitor

Version:
1,1,2,14

MD5:
fba2e42f0ecd995fb582a78dd507bc7f

SHA-1:
fd35ba2be805cb857ed4b4d6545407e302bf007f

SHA-256:
063842e6adfabdad6148e6223d275130fd5dbc876af81a5f79c7bf197e0098d0

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/22/2024 10:03:53 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.SimpleStar (L)

Engine version:
16.10.17.22

File size:
1.7 MB (1,736,152 bytes)

Product version:
1.1.2.14

Copyright:
Copyright (c) 2016 SimpleStar. All Rights Reserved.

Original file name:
SimpleStarSmartMonitor.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\simplestar smart monitor\simplestarsmartmonitor.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
2/11/2016 4:11:14 PM

Valid to:
2/10/2017 4:57:32 PM

Subject:
E=Ludovic.trogliero@vapc.lu, CN=Vapc Lux Sarl, O=Vapc Lux Sarl, L=Luxembourg, C=LU

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112130BA28CC6DC89090DD3923776478D67D

File PE Metadata
Compilation timestamp:
8/16/2016 2:34:16 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:ws8L/bFu8uQoLuT+LKYPHHBMZOMu7Ss6EILn5WzsP:wdL/Ru8//+pHBMZOZlsP

Entry address:
0xAD6E7

Entry point:
E8, D7, 07, 00, 00, E9, 6B, FD, FF, FF, 8B, FF, 55, 8B, EC, FF, 75, 14, FF, 75, 10, FF, 75, 0C, FF, 75, 08, 68, 2C, D2, 4A, 00, 68, D4, 48, 55, 00, E8, 4D, 08, 00, 00, 83, C4, 18, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 0F, 03, C1, 1B, C9, 0B, C1, 59, E9, 2A, FB, FF, FF, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 07, 03, C1, 1B, C9, 0B, C1, 59, E9, 14, FB, FF, FF, FF, 25, 7C, 77, 4E, 00, FF, 25, 78, 77, 4E, 00, CC, CC, CC, CC, CC, CC, CC, CC, 53, 56, 8B, 44, 24, 18, 0B...
 

Code size:
917.5 KB (939,520 bytes)

The executing file has been seen to make the following network communications in live environments.

