home

anydesk.exe

AnyDesk

philandro Software GmbH

This is a setup program which is used to install the application. It runs as a separate (within the context of its own process) windows Service named “AnyDesk Service”. This is the uninstaller utility registered in the Windows Control Panel for the program AnyDesk by philandro Software GmbH. The file has been seen being downloaded from download.enativ.com and multiple other hosts.
Publisher:
philandro Software GmbH  (signed and verified)

Product:
AnyDesk

Version:
2.1.2.0

MD5:
10bcb1cd7f2c989c49119aabb93bc7ab

SHA-1:
01c625a125a86135d55a5dca42a8cc4609378459

SHA-256:
60bce90b4c981263ac37b4f202afc14fc25dc17f7ccf823521f44fdfc36e060b

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/19/2024 10:42:42 AM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Malware.Generic(Thunder)!1.A1C4 [F]
23.00.65.151215

File size:
1.4 MB (1,428,640 bytes)

Product version:
2.1

Copyright:
(C) 2015 philandro Software GmbH

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\anydesk.exe

Digital Signature
Signed by:
philandro Software GmbH

Authority:
GlobalSign nv-sa

Valid from:
8/17/2015 11:32:31 AM

Valid to:
10/24/2018 4:08:33 AM

Subject:
E=cert@philandro.com, CN=philandro Software GmbH, O=philandro Software GmbH, L=Stuttgart, S=BW, C=DE

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121EAA40803A9226F303743EE537D5CD62D

File PE Metadata
Compilation timestamp:
12/17/2015 2:24:12 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:m23SvDMo9wUr3OSbiFKkTjEx3LUIoDFRgxE3s+XZG4y:93SXiLTAdEngd+XAJ

Entry address:
0x2028

Entry point:
55, 8D, 6C, 24, 88, 81, EC, 58, 11, 00, 00, 56, 8D, 4D, 38, E8, 22, F9, FF, FF, 8D, 45, 38, 8B, C8, A3, C8, 76, 96, 00, E8, E0, F7, FF, FF, 84, C0, 75, 15, BE, E8, 03, 00, 00, 8D, 4D, 38, E8, CE, F7, FF, FF, 8B, C6, 5E, 83, C5, 78, C9, C3, 8D, 45, 38, 50, 8D, 4D, D8, E8, 5D, F4, FF, FF, 8D, 45, D8, 8B, C8, A3, CC, 76, 96, 00, E8, C3, F3, FF, FF, 84, C0, 75, 0F, 8D, 4D, D8, E8, A8, F3, FF, FF, BE, E9, 03, 00, 00, EB, C2, 8D, 45, 38, 50, 8D, 4D, 6C, E8, 25, F3, FF, FF, 33, F6, 39, 75, 6C, 0F, 84, A8, 00, 00...
 
[+]

Entropy:
7.9905  (probably packed)

Code size:
11.5 KB (11,776 bytes)

Program Uninstaller
Program name:
AnyDesk

Display publisher:
philandro Software GmbH

Display version:
ad 2.1.2

Uninstall string:
"C:\Program Files (x86)\AnyDesk\AnyDesk.exe" --uninstall


Service
Display name:
AnyDesk Service

Service name:
AnyDesk

Description:
AnyDesk support service.

Type:
Win32OwnProcess

Depends on:
RpcSs


The file anydesk.exe has been seen being distributed by the following 42 URLs.

http://download.enativ.com/AnyDesk.exe

http://galcsik-it.hu/.../AnyDesk.exe

http://descargas.treyder.eu/anydesk.exe

http://iproyecta.info/soporte/.../anydesk.exe

https://download.wetransfer.com/eu2/.../AnyDesk.exe

http://f.28941307.com/.../@AnyDesk.exe

http://www.cmmsistemas.com.br/.../ANYDESK?cdLocal=2&arquivo={D87615BC-8BE7-BDB5-ED86-D3CBBEC4E4A3}.exe

http://www.valdenet.com/.../AnyDesk.exe

http://anydesk.softonic.com/download-tracker?th=8yS3 KGEYLiw7GKMHzA/.../ioH8fOSYd90fx0SA0SXE1iuXCgN2diAByz95ZmysGU3mXjQUQkIAgnwYmuwM=

https://api.asm.skype.com/v1/objects/0-cus-d3-5cd03671820d21d8a0f5b4cd7b411c1d/.../original

http://www.lesslanvitoria.com/.../Remoto.exe

http://www.mkm.net.br/.../?arq=AnyDesk.exe

http://www.psiinformatica.inf.br/.../AnyDesk.exe

ftp://supremo.ddns.info/Emerson/.../AnyDesk (1).exe

http://files358.xetbox.com/downloads/software/internet/.../anydesk.setup.exe

ftp://ftp.dtdc.com/.../AnyDesk.exe

http://help.consist.co.il/.../AnyDesk.exe

http://lb.cdn.m6web.fr/d/c/a/d9b8471695838be6f49f1271da18228b/56b3abc3/soft/.../anydesk_2-1-2_fr_431427.exe

http://www.acipg.org.br/.../AnyDesk.exe

http://www.omturbo.com/.../suporte.exe

http://saurus.com.br/.../AnyDesk.exe

http://mkm.net.br/.../?arq=AnyDesk.exe

http://www.assisnet.com.br/.../AnyDesk.exe

https://docs.google.com/a/.../uc?authuser=0&id=0B-NslNx3t6PmOFdwZkJIV2dtU3M&export=download

http://www.duosoluciones.com/.../ayuda.exe

http://203.76.101.73:8080/AnyDesk.exe

ftp://192.168.20.102/Software/.../AnyDesk.exe

http://files.downloadnow-5.com/s/software/13/82/51/.../AnyDesk.exe

http://www.minisoft.co.il/.../AnyDesk.exe

https://doc-0k-bo-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/9og10qoehc8hnj7avu93k4b8di1gqcq8/1456833600000/07474844515673686896/.../0B6XrY00rsmPjNVpqTmhsOHhJWVU?e=download

Latest 30 of 42 download URLs

Scan anydesk.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.