home

idproductionservice.exe

IDExpert SDK

vps ID Systeme GmbH

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘IDProductionService’.
Publisher:
vps ID Systeme GmbH  (signed and verified)

Product:
IDExpert® SDK

Description:
IDProductionService

Version:
1.0.0.2 (Unicode)

MD5:
37be0b8a3467c86865796f3d828bd495

SHA-1:
7fbdd4e25db57f8edc18b4b9b9957866c8231df4

SHA-256:
b0711befa68c3c2151f3a04c29234a5fd9c2e942b4408105a8ab3a14c5720cd4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 5:53:31 PM UTC  (today)

File size:
467.9 KB (479,176 bytes)

Product version:
5.0.0.223

Copyright:
Copyright (C) 1998-2012 vps ID Systeme GmbH

Original file name:
IDProductionService.exe / ~_x.dll

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\idexpert sdk\system\idproductionservice.exe

Digital Signature
Signed by:
vps ID Systeme GmbH

Authority:
Thawte, Inc.

Valid from:
5/2/2012 2:00:00 AM

Valid to:
5/3/2014 1:59:59 AM

Subject:
CN=vps ID Systeme GmbH, OU=vps ID Systeme GmbH, O=vps ID Systeme GmbH, L=Ettlingen, S=Baden-Wuerttemberg, C=DE

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
5EB9C198EA6213CE0A246713D46AB88D

File PE Metadata
Compilation timestamp:
7/3/2013 1:57:28 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:5ZCu5HkxF4RtmjGVkdhTXNY7ZepEaOa1Ca1gWHsECMRf1YCAgc:zCuxOF4RtmjGVkdhTXNkerN7pin

Entry address:
0x52310

Entry point:
55, 8B, EC, 6A, FF, 68, F0, A2, 45, 00, 68, 12, 27, 45, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, 5F, 57, FF, 15, F0, 78, 45, 00, 59, 83, 0D, 2C, 99, 4A, 00, FF, 83, 0D, 30, 99, 4A, 00, FF, FF, 15, E8, 78, 45, 00, 8B, 0D, 20, 99, 4A, 00, 89, 08, FF, 15, FC, 78, 45, 00, 8B, 0D, 1C, 99, 4A, 00, 89, 08, A1, 00, 79, 45, 00, 8B, 00, A3, 28, 99, 4A, 00, E8, 90, 03, 00, 00, 39, 1D, 50, 8E, 46, 00, 75, 0C, 68, 0E, 27, 45, 00, FF, 15...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
344 KB (352,256 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
IDProductionService

Command:
C:\Program Files\idexpert sdk\system\idproductionservice.exe \s \a


Scan idproductionservice.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.