home

ppc_arm_1000m_sign.aut

SOTI Inc.

Publisher:
SOTI Inc.  (signed and verified)

MD5:
a680782142fe59e7614ef724b2613937

SHA-1:
4f57e1f50e95325eac7b7d6f577ec29e6479f322

SHA-256:
869980e0cc467b5d492ab2e063e34bb4419d4dd168e74ccfd006ca7dec018005

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/27/2024 8:44:35 PM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Malware.RDM.34!5.28 [F]
23.00.65.16516

File size:
34.3 KB (35,144 bytes)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\{c3d9886d-256e-42b7-8026-8625e505c3c4}\files\ppc_arm_1000m_sign.aut

Digital Signature
Signed by:
SOTI Inc.

Authority:
Microsoft Corporation

Valid from:
2/12/2013 2:27:21 AM

Valid to:
2/12/2023 2:47:28 PM

Subject:
CN=CodeSigning for SOTI Inc., OU=Microsoft Privileged, O=SOTI Inc., L=Mississauga, S=Ontario, C=CA

Issuer:
CN=VeriSign Authorized Code Signing (Privileged) CA for Microsoft, O=Microsoft Corporation, C=US

Serial number:
3F5F

File PE Metadata
Compilation timestamp:
2/1/2013 3:19:07 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:

Linker version:
6.20

CTPH (ssdeep):
768:kpgB4hX5glDfaIw0gQ8VovPwSCTsHo8010iKcokD5JH:kpgy35FCxHQ9H

Entry address:
0x6A5C

Entry point:
F0, 40, 2D, E9, 00, 40, A0, E1, 01, 50, A0, E1, 02, 60, A0, E1, 03, 70, A0, E1, 06, 00, 00, EB, 07, 30, A0, E1, 06, 20, A0, E1, 05, 10, A0, E1, 04, 00, A0, E1, 28, F2, FF, EB, F0, 40, BD, E8, 17, 00, 00, EA, 00, 40, 2D, E9, 20, 10, 9F, E5, 18, 00, 9F, E5, 07, 00, 00, EB, 0C, 10, 9F, E5, 04, 00, 9F, E5, 00, 40, BD, E8, 03, 00, 00, EA, 98, 81, 01, 00, A0, 81, 01, 00, A4, 81, 01, 00, A8, 81, 01, 00, 30, 40, 2D, E9, 00, 40, A0, E1, 01, 50, A0, E1, 04, 00, 00, EA, 00, 00, 94, E5, 00, 00, 50, E3, 0F, E0, A0, 11...
 
[+]

Entropy:
5.6145

Packer / compiler:
PocketPC, 0xARM

Code size:
23.5 KB (24,064 bytes)

Scan ppc_arm_1000m_sign.aut - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.