home

AntiRansomService.exe

REDDOXX ANTI RANSOM

REDDOXX GmbH

It runs as a separate (within the context of its own process) windows Service named “REDDOXX ANTI RANSOM Service”.
Publisher:
REDDOXX GmbH  (signed and verified)

Product:
REDDOXX ANTI RANSOM

Description:
REDDOXX ANTI RANSOM Service

Version:
1.0.5.0

MD5:
e6b6581566631b270a0d60826a9319d8

SHA-1:
13f8edb2bd1ddc8c18b59ad6741208a7cfbab70b

SHA-256:
4b604722983fc0c18a32cb84ee80a24d49e7db6dde23e0037297b0bd69ab811c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/5/2024 9:17:17 AM UTC  (today)

File size:
27 KB (27,688 bytes)

Product version:
1.0.5.0

Copyright:
REDDOXX GmbH Copyright © 2016

Original file name:
AntiRansomService.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\reddoxx\antiransom\antiransomservice.exe

Digital Signature
Signed by:
REDDOXX GmbH

Authority:
COMODO CA Limited

Valid from:
1/10/2014 1:00:00 AM

Valid to:
1/10/2017 12:59:59 AM

Subject:
CN=REDDOXX GmbH, O=REDDOXX GmbH, STREET=Neue Weilheimer Straße 14, L=Kirchheim unter Teck, S=BW, PostalCode=73230, C=DE

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
3E66E3E7A485B2A39C3B54D0E1DFD2B6

File PE Metadata
Compilation timestamp:
5/17/2016 5:30:14 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
48.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:9QVokiJKUC7v62mBK+ZF4aKDTCqDQ+td2kFUPB3Oog3BqFTnhCxYPLg8fSe9:KVodX2mEtPnHCBeq5MEfX

Entry address:
0x63F2

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 10, 00, 00, 00, 20, 00, 00, 80, 18, 00, 00, 00, 50, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 38, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 68, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
17 KB (17,408 bytes)

Service
Display name:
REDDOXX ANTI RANSOM Service

Service name:
AntiRansomService

Type:
Win32OwnProcess


Scan AntiRansomService.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.