home

idproductionservice.exe

IDExpert SDK

vps ID Systeme GmbH

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘IDProductionService’.
Publisher:
vps ID Systeme GmbH  (signed and verified)

Product:
IDExpert® SDK

Description:
IDProductionService

Version:
1.0.0.2 (Unicode)

MD5:
1aa5407f806644a11b1e01bc7e40976a

SHA-1:
dab6083aae78e832237b6d927f0a262840805f8e

SHA-256:
0360aa30e7c30efcebd9ab8f24556ac0c6d42a14929c50d7b29b9d60b6373983

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 11:04:11 PM UTC  (a few moments ago)

File size:
467.9 KB (479,176 bytes)

Product version:
5.0.0.219

Copyright:
Copyright (C) 1998-2012 vps ID Systeme GmbH

Original file name:
IDProductionService.exe / ~_x.dll

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\idexpert sdk\system\idproductionservice.exe

Digital Signature
Signed by:
vps ID Systeme GmbH

Authority:
Thawte, Inc.

Valid from:
5/1/2012 8:00:00 PM

Valid to:
5/2/2014 7:59:59 PM

Subject:
CN=vps ID Systeme GmbH, OU=vps ID Systeme GmbH, O=vps ID Systeme GmbH, L=Ettlingen, S=Baden-Wuerttemberg, C=DE

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
5EB9C198EA6213CE0A246713D46AB88D

File PE Metadata
Compilation timestamp:
6/3/2013 3:13:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:9r0XaREJtJkLhV4KRYJu1ALDpFSnUii9Ki9ASLNE4z11z+JCrg1:lE8EJtJkLhV4KRYJkPUXqGDz+Jx

Entry address:
0x52420

Entry point:
55, 8B, EC, 6A, FF, 68, F0, A2, 45, 00, 68, 22, 28, 45, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, 5F, 57, FF, 15, F0, 78, 45, 00, 59, 83, 0D, 34, 99, 4A, 00, FF, 83, 0D, 38, 99, 4A, 00, FF, FF, 15, E8, 78, 45, 00, 8B, 0D, 28, 99, 4A, 00, 89, 08, FF, 15, FC, 78, 45, 00, 8B, 0D, 24, 99, 4A, 00, 89, 08, A1, 00, 79, 45, 00, 8B, 00, A3, 30, 99, 4A, 00, E8, 90, 03, 00, 00, 39, 1D, 50, 8E, 46, 00, 75, 0C, 68, 1E, 28, 45, 00, FF, 15...
 
[+]

Entropy:
6.5775

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
344 KB (352,256 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
IDProductionService

Command:
C:\Program Files\idexpert sdk\system\idproductionservice.exe \s \a


Scan idproductionservice.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.