home

raidcall.exe

raidcall

Beijing Changyou Raidcall Internet Tech Co.,Ltd Guangzhou branch

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘RaidCall’.
Publisher:
RAIDCALL.COM  (signed by Beijing Changyou Raidcall Internet Tech Co.,Ltd Guangzhou branch)

Product:
raidcall

Version:
1.0.3150.5

MD5:
a389f55cf40d80d3eadb10a663922490

SHA-1:
3a071609c3b09f3484f989cf6283b3fea63935b9

SHA-256:
f564efd91ac7e713a82c710f99fd36f0ffa6c43a2cfc8f85ae75bb2871523f78

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/14/2024 8:26:48 AM UTC  (today)

File size:
4 MB (4,152,744 bytes)

Product version:
1.0.3150.5

Copyright:
Copyright (C) 2009-2010 RAIDCALL.COM, All rights reserved

Original file name:
raidcall.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\raidcall.ru\raidcall.exe

Digital Signature
Signed by:
Beijing Changyou Raidcall Internet Tech Co.,Ltd Guangzhou branch

Authority:
Symantec Corporation

Valid from:
4/27/2016 9:00:00 PM

Valid to:
4/28/2018 8:59:59 PM

Subject:
CN="Beijing Changyou Raidcall Internet Tech Co.,Ltd Guangzhou branch", OU=运维, O="Beijing Changyou Raidcall Internet Tech Co.,Ltd Guangzhou branch", L=guangzhou, S=guangdong, C=CN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
422946975D4B933E1729BEEBED96DC59

File PE Metadata
Compilation timestamp:
6/14/2016 12:44:15 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

Entry address:
0x1DE020

Entry point:
6A, 74, 68, 70, FA, 72, 00, E8, 98, FB, FF, FF, 33, FF, 89, 7D, E0, 57, 8B, 1D, F8, 31, 6F, 00, FF, D3, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03, C8, 81, 39, 50, 45, 00, 00, 75, 12, 0F, B7, 41, 18, 3D, 0B, 01, 00, 00, 74, 1F, 3D, 0B, 02, 00, 00, 74, 05, 89, 7D, E4, EB, 27, 83, B9, 84, 00, 00, 00, 0E, 76, F2, 33, C0, 39, B9, F8, 00, 00, 00, EB, 0E, 83, 79, 74, 0E, 76, E2, 33, C0, 39, B9, E8, 00, 00, 00, 0F, 95, C0, 89, 45, E4, 89, 7D, FC, 6A, 02, FF, 15, A4, 37, 6F, 00, 59, 83, 0D, A4, D4, 81, 00, FF, 83...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v7.1

Code size:
2.9 MB (3,088,384 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
RaidCall

Command:
C:\Program Files\raidcall.ru\raidcall.exe


Scan raidcall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.