» rutserv.exe
Overview
Analysis
File Details
Behaviors (1)

rutserv.exe

Remote Utilities

Usoris Systems LLC

The application rutserv.exe by Usoris Systems has been detected as a potentially unwanted program by 4 anti-malware scanners. It runs as a windows Service named “Usoris - R-Server”.

File name:

rutserv.exe

Publisher:

Usoris Systems LLC (signed and verified)

Product:

Remote Utilities

Version:

5.2.1.0

MD5:

d61a03ea74c5f9030fed7eef38817111

SHA-1:

b836d34cf0e4031e56ec5b45ffdacfa740127f90

Scanner detections:

4 / 68

Status:

Potentially unwanted

Analysis date:

4/23/2024 11:11:27 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Riskware.RemoteAdmin.DK

7.1.1

ESET NOD32

Win32/RemoteAdmin.RemoteUtilities (variant)

10.10581

Kaspersky

not-a-virus:RemoteAdmin.Win32.Agent

14.0.0.837

Vba32 AntiVirus

Worm.AutoRun

3.12.26.3

File size:

4.7 MB (4,906,832 bytes)

Product version:

5.2.1.0

Trademarks:

Usoris Systems LLC, Remote Utilities

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\remote utilities - server\rutserv.exe

Digital Signature

Signed by:

Usoris Systems LLC

Authority:

DigiCert Inc

Valid from:

11/23/2011 4:00:00 PM

Valid to:

11/28/2012 4:00:00 AM

Subject:

CN=Usoris Systems LLC, O=Usoris Systems LLC, L=Victoria, S=Mahe, C=SC

Issuer:

CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

03EE40D56B7E363E2EECC7050C4C0A7E

File PE Metadata

Compilation timestamp:

6/9/2012 3:19:17 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:IUhLIKBk7wtmp7gSSeVgjcaTfhHFRdmKVRy2j1vBGzGuMwOBjD4T6TZTGuYptBC5:IUlIKcw9EgzRvRXvQzGuMw4jD2uY1CSA

Entry address:

0x3CCDAC

Entry point:

55, 8B, EC, 83, C4, F0, B8, 74, 61, 7B, 00, E8, 5C, F2, C3, FF, E8, 3B, 8B, FE, FF, E8, 86, A8, C3, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 32, 13, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

3.8 MB (3,977,216 bytes)

Service

Display name:

Usoris - R-Server

Service name:

RManService

Description:

Allows Remote Utilities users to connect to this machine.

Type:

Win32OwnProcess, InteractiveProcess

Remove rutserv.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.