» rfusclient.exe
Overview
Analysis
File Details
Programs (1)

rfusclient.exe

Remote Manipulator System

Usoris Systems

The application rfusclient.exe by Usoris Systems has been detected as a potentially unwanted program by 8 anti-malware scanners. This file is typically installed with the program Remote Manipulator System - Host by TektonIT.

File name:

rfusclient.exe

Publisher:

TektonIT (signed by Usoris Systems)

Product:

Remote Manipulator System

Description:

RMS

Version:

5.5.2.0

MD5:

dd15ef60a54488a40afd0aecb5e5611c

SHA-1:

f1715f6b88ea1ef2cb7f7429e63aa42955131f31

Scanner detections:

8 / 68

Status:

Potentially unwanted

Analysis date:

5/5/2024 5:41:38 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Riskware.RemoteAdmin

7.1.1

Avira AntiVirus

APPL/MonitorTool.Gen

7.11.182.198

AVG

RemoteAdmin

2016.0.3000

Clam AntiVirus

Win.Trojan.Rfusclient

0.98/21411

Dr.Web

Program.RemoteAdmin.675

9.0.1.0244

ESET NOD32

Win32/RemoteAdmin.RemoteUtilities (variant)

9.10659

Rising Antivirus

PE:Malware.InstallMonstr!6.38

23.00.65.15830

Trend Micro House Call

Suspicious_GEN.F47V0708

7.2.244

File size:

4.8 MB (5,001,472 bytes)

Product version:

5.5.2.0

Trademarks:

Remote Manipulator System, TektonIT

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\remote manipulator system - host\rfusclient.exe

Digital Signature

Signed by:

Usoris Systems

Authority:

VeriSign, Inc.

Valid from:

2/11/2013 3:00:00 AM

Valid to:

2/12/2014 2:59:59 AM

Subject:

CN=Usoris Systems, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Usoris Systems, L=Victoria, S=Mahe, C=SC

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

67FD5AEC0D8F9F6F1CAA40589F568A0C

File PE Metadata

Compilation timestamp:

6/30/2013 7:13:09 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:ClvUBnO6u/KOm/qSLI2l1j0CIEgH3LDFWTHFC7inAbAXO+niZmT0TYSXHzBe9871:ClsnO1/4jAbAFE9jn1

Entry address:

0x3CFFD8

Entry point:

55, 8B, EC, 83, C4, F0, 53, B8, 84, A0, 7B, 00, E8, 47, F4, C3, FF, 8B, 1D, AC, 5B, 7E, 00, A1, 94, 54, 7E, 00, 83, 38, 06, 7C, 05, E8, BE, 4B, C4, FF, E8, 31, A0, FE, FF, 8B, 03, B2, 01, E8, AC, DE, E3, FF, 8B, 03, E8, 61, C1, E3, FF, 8B, 03, BA, 78, 00, 7D, 00, E8, 05, BB, E3, FF, 8B, 03, C6, 40, 67, 00, 8B, 0D, A8, 57, 7E, 00, 8B, 03, 8B, 15, 34, 05, 7B, 00, E8, 54, C1, E3, FF, 8B, 0D, 34, 58, 7E, 00, 8B, 03, 8B, 15, 88, E2, 71, 00, E8, 41, C1, E3, FF, 8B, 0D, FC, 61, 7E, 00, 8B, 03, 8B, 15, A0, 37, 76... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

3.8 MB (3,993,600 bytes)

The file rfusclient.exe has been discovered within the following program.

Remote Manipulator System - Host by TektonIT

rmansys.ru

About 2% of users remove it

Remove rfusclient.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.