home

ras monitor.exe

Proksima-S, LLC

The application ras monitor.exe by Proksima-S has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Tong Software Inc.  (signed by Proksima-S, LLC)

Description:
RAS Monitor

Version:
1.0.0.76

MD5:
b65a32c186d84e59f39d96927a79fb57

SHA-1:
9debda4d1de8ec65a3b70dd1f6a97c42a91e5322

SHA-256:
b1ebd6261cdbb8b4a00177bb84f8c4c30b66a7f8c77af198dd8758ef2de83747

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
8/9/2025 1:05:57 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.ProksimaS (M)
16.1.16.3

File size:
716.3 KB (733,472 bytes)

Product version:
1.0.0.0

Copyright:
(c) 1995-2010 by Tong Software Inc.

File type:
Executable application (Win32 EXE)

Language:
Thai (Thailand)

Common path:
C:\users\{user}\downloads\ras monitor.exe

Digital Signature
Signed by:
Proksima-S, LLC

Authority:
Symantec Corporation

Valid from:
6/12/2015 7:00:00 AM

Valid to:
6/12/2016 6:59:59 AM

Subject:
CN="Proksima-S, LLC", OU=Software developing, O="Proksima-S, LLC", L=Dnipropetrovsk, S=Dnipropetrovsk Oblast, C=UA

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
0C786C410F456C70F77E89B07F65490F

File PE Metadata
Compilation timestamp:
6/20/1992 5:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:lnj6/6rc85DnSOhDg/HN4IwANdgqk6ail4GQ2SeveGbTV9H7Z:ljE6Y8xsHHPNDl4ESYpPV9H

Entry address:
0x83AC4

Entry point:
55, 8B, EC, 83, C4, F4, 53, B8, B4, 38, 48, 00, E8, 9B, 2E, F8, FF, 8B, 1D, 5C, 75, 48, 00, 68, 58, 3B, 48, 00, 6A, 00, 68, 01, 00, 1F, 00, E8, F8, 30, F8, FF, 85, C0, 75, 61, 68, 58, 3B, 48, 00, 6A, 00, 6A, 00, E8, 5E, 2F, F8, FF, 8B, 03, E8, 97, 2C, FC, FF, 8B, 03, BA, 70, 3B, 48, 00, E8, AF, 28, FC, FF, 8B, 0D, 58, 73, 48, 00, 8B, 03, 8B, 15, BC, 00, 48, 00, E8, 90, 2C, FC, FF, 8B, 0D, C8, 74, 48, 00, 8B, 03, 8B, 15, 5C, FB, 47, 00, E8, 7D, 2C, FC, FF, 8B, 0D, D8, 76, 48, 00, 8B, 03, 8B, 15, A4, F8, 47...
 
[+]

Entropy:
6.8273

Developed / compiled with:
Microsoft Visual C++

Code size:
523 KB (535,552 bytes)

Remove ras monitor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.