home

rs2011base.dll

rs2011base

RadarSync

The module rs2011base.dll by RadarSync has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
3v  (signed by RadarSync)

Product:
rs2011base

Version:
3.7.0.17

MD5:
8218cbf736cf5cc1aab770bd2475dc15

SHA-1:
6e9ced6229309f8749ca0944c13af8fb2287ab25

SHA-256:
602854cc211411819143bf30fd92aa051fc78bdda4d76cc81ef5b7012437a4e5

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 3:01:08 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.RadarSync.DriverUpdater.Optional.Meta (L)
16.2.5.16

File size:
1.7 MB (1,813,160 bytes)

Product version:
3.7.0.17

Copyright:
Copyright © 3v 2011

Original file name:
rs2011base.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\radarsync\rs2011base.dll

Digital Signature
Signed by:
RadarSync

Authority:
Thawte, Inc.

Valid from:
8/15/2011 8:00:00 PM

Valid to:
5/19/2012 7:59:59 PM

Subject:
CN=RadarSync, O=RadarSync, L=Highland Park, S=Illinois, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
21C0A661B6DC7A88F376DB8C90E62175

File PE Metadata
Compilation timestamp:
11/17/2011 5:16:33 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:pddrW3pHuYw2wS0wI7ORL4w0F4aEYCYkvyMcKyThIkvmvejoLRwLYT1RzhN:drcpHsaMDqalq2hIkyewN

Entry address:
0x1BBABE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.4044

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.7 MB (1,809,408 bytes)

Remove rs2011base.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.