» UsageMonitor.HealthCheck.exe
Overview
Analysis
File Details
Behaviors (1)

UsageMonitor.HealthCheck.exe

UsageMonitor.HealthCheck

RealityMine Limited

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘AnalyzeMeHealthcheck’.

File name:

Publisher:

RealityMine Ltd (signed by RealityMine Limited)

Product:

UsageMonitor.HealthCheck

Version:

1.2.1.0

MD5:

acf42d51cfe861f02f68b04f2f1583ea

SHA-1:

6c150290b1e3de8f048df38b3a0a60ab8694e590

SHA-256:

f13d793d15e047e09b1f3d879cda281096c3ede24ac32a95b6139696e8b79563

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/25/2024 5:35:16 PM UTC (today)

File size:

12.4 KB (12,648 bytes)

Product version:

1.2.1.0

Original file name:

UsageMonitor.HealthCheck.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\analyzeme\usagemonitor.healthcheck.exe

Digital Signature

Signed by:

RealityMine Limited

Authority:

GoDaddy.com, Inc.

Valid from:

3/10/2015 12:21:38 PM

Valid to:

2/23/2016 4:37:40 PM

Subject:

CN=RealityMine Limited, O=RealityMine Limited, L=Trafford Park, S=Manchester, C=GB

Issuer:

CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:

00C8A2374310489BDE

File PE Metadata

Compilation timestamp:

8/21/2015 2:18:49 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

384:azfRMz2SSOqZokuibVpW8Tmic3DZ/d5GMENle:aA2vOqKupW8Tmic1G5c

Entry address:

0x328E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.7907

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

5 KB (5,120 bytes)

Startup File (User Run)

Registry location:

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

AnalyzeMeHealthcheck

Command:

C:\Program Files\analyzeme\usagemonitor.healthcheck.exe

Scan UsageMonitor.HealthCheck.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.