home

RamPhantom7Utility.exe

RamPhantom7 64 Free Utility

I-O DATA DEVICE, INC.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘RamPhantom7’.
Publisher:
I-O DATA DEVICE,INC.  (signed by I-O DATA DEVICE, INC.)

Product:
RamPhantom7 64 Free Utility

Description:
RamPhantom7Utility

Version:
1, 0, 0, 11

MD5:
e5e48a3bc71646915e7cd6bebae21b94

SHA-1:
4c6f4ab2a8dce454048d9b0b024cc1e7e8daf187

SHA-256:
7459bf14dcd3a834bd077a581058dc1c762dbfbb9ca181ee7b9bffd21a28c1b8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 11:57:49 AM UTC  (today)

File size:
818.8 KB (838,448 bytes)

Product version:
1, 0, 0, 11

Copyright:
Copyright (C) 2009 I-O DATA DEVICE,INC.

Original file name:
RamPhantom7Utility.exe

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\i-o data\ramphantom7\ramphantom7utility.exe

Digital Signature
Signed by:
I-O DATA DEVICE, INC.

Authority:
VeriSign, Inc.

Valid from:
12/15/2008 9:00:00 AM

Valid to:
12/16/2009 8:59:59 AM

Subject:
CN="I-O DATA DEVICE, INC.", OU=Technical Support Dept., OU=Digital ID Class 3 - Microsoft Software Validation v2, O="I-O DATA DEVICE, INC.", L=Kanazawa-shi, S=Ishikawa, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7515B84EE2B81F32FD5583B9274EC92E

File PE Metadata
Compilation timestamp:
9/11/2009 1:38:39 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:8Z0jHD5WROlSquGVHRPIqUvKfAuyhjbIflENuXS4VoXXSEwli:m00ETzijbcuEXSqgXSEwli

Entry address:
0x48920

Entry point:
48, 83, EC, 28, E8, 53, 57, 00, 00, 48, 83, C4, 28, E9, 1A, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, 89, 77, 04, 00, 75, 11, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 02, F3, C3, 48, C1, C9, 10, E9, C1, 57, 00, 00, CC, 48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8D, 05, E7, 63, 02, 00, 8B, DA, 48, 8B, F9, 48, 89, 01, E8, EE, 58, 00, 00, F6, C3, 01, 74, 08, 48, 8B, CF, E8, 5D, 56, FE, FF, 48, 8B, C7, 48, 8B...
 
[+]

Entropy:
5.6942

Code size:
410 KB (419,840 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
RamPhantom7

Command:
"C:\Program Files\i-o data\ramphantom7\ramphantom7utility.exe" \s


Scan RamPhantom7Utility.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.