home

RAInfo.sys

RemotelyAnywhere

3am Labs, Inc.

It runs as a Windows kernel mode device driver named “RemotelyAnywhere Kernel Information Provider”.
Publisher:
3am Labs Ltd.  (signed by 3am Labs, Inc.)

Product:
RemotelyAnywhere

Description:
RemotelyAnywhere Kernel Information Provider

Version:
5.32.430

MD5:
9879978c84f8691841f5b57690f205d8

SHA-1:
112d9f45a3069907f447347a06a106c372ff62ab

SHA-256:
d0b27fd224b8d23edcfe0002084fe9bdd1019e16b6fcacc4c29913b368b4295f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 10:41:09 PM UTC  (today)

File size:
10.9 KB (11,136 bytes)

Product version:
5.32.430

Copyright:
Copyright © 1998-2004 3am Labs Ltd. All rights reserved.

Original file name:
RAInfo.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\remotelyanywhere\rainfo.sys

Digital Signature
Signed by:
3am Labs, Inc.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
10/7/2004 10:06:28 PM

Valid to:
10/7/2005 10:06:28 PM

Subject:
CN="3am Labs, Inc.", OU=Secure Application Development, O="3am Labs, Inc.", L=Woburn, S=Massachusetts, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
3EAC5F

File PE Metadata
Compilation timestamp:
4/12/2004 2:09:30 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.0

Entry address:
0xC3C

Entry point:
55, 8B, EC, 83, EC, 58, 8B, 45, 0C, 53, 56, 57, 89, 45, B0, 8D, 45, A8, 50, 33, DB, 68, 19, 00, 02, 00, 8D, 45, 0C, 50, C7, 45, A8, 18, 00, 00, 00, 89, 5D, AC, C7, 45, B4, 40, 00, 00, 00, 89, 5D, B8, 89, 5D, BC, FF, 15, D4, 0E, 01, 00, 85, C0, 0F, 8C, EC, 00, 00, 00, BE, 2E, 0C, 01, 00, 8D, 7D, D0, A5, A5, 8D, 45, D0, A5, 50, 8D, 45, F0, 50, 66, A5, FF, 15, E4, 0E, 01, 00, 8B, 35, D0, 0E, 01, 00, 8D, 45, FC, 50, 6A, 10, 8D, 45, C0, 50, 6A, 02, 8D, 45, F0, 50, FF, 75, 0C, FF, D6, 3B, C3, 7D, 0B, 3D, 05, 00...
 
[+]

Entropy:
6.5647

Developed / compiled with:
Microsoft Visual C++

Code size:
3.6 KB (3,712 bytes)

Driver
Display name:
RemotelyAnywhere Kernel Information Provider

Service name:
RAInfo

Type:
Kernel device driver (KernelDriver)


Scan RAInfo.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.