» rwscmd.exe
Overview
Analysis
File Details

rwscmd.exe

NCP engineering GmbH

File name:

rwscmd.exe

Publisher:

NCP engineering GmbH (signed and verified)

MD5:

1552044de5f7e3c91421890abbee0da2

SHA-1:

7de1356971ea039bda3bea0375316eee351c6c8d

SHA-256:

c96ac2c9eba0911ff36f41aa9d672117326e9c52bf7c99ae0905a9e6d05a938f

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 7:21:37 PM UTC (today)

File size:

2 MB (2,055,248 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\funkwerk secure ipsec client\rwscmd.exe

Digital Signature

Signed by:

NCP engineering GmbH

Authority:

VeriSign, Inc.

Valid from:

3/11/2010 1:00:00 AM

Valid to:

3/18/2013 12:59:59 AM

Subject:

CN=NCP engineering GmbH, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=NCP engineering GmbH, L=Nuernberg, S=Bavaria, C=DE

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

09FBFDD3C42535FCB523AED327717E24

File PE Metadata

Compilation timestamp:

11/16/2011 9:25:39 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:r7KQ7t7IxhKSfE+zjPVzh7qoXTKiUTcdy87QSuI:HNVC3h7qo//QSZ

Entry address:

0x1955C4

Entry point:

55, 8B, EC, B9, 04, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, B8, 58, D1, 58, 00, E8, B1, 5D, E7, FF, 33, C0, 55, 68, 3D, 5A, 59, 00, 64, FF, 30, 64, 89, 20, E8, 8E, 71, E7, FF, 8B, D8, 8B, C3, E8, B5, ED, E7, FF, 3D, FA, 00, 00, 00, 0F, 87, 1C, 04, 00, 00, 6A, 02, B9, 58, 5A, 59, 00, B2, 01, A1, 40, 94, 4E, 00, E8, 0B, 40, F5, FF, 8B, 15, E8, CD, 59, 00, 89, 02, E8, D6, 91, F6, FF, B8, 60, 00, 00, 00, E8, 14, EC, E6, FF, 8B, 15, 18, D2, 59, 00, 89, 02, A1, 54, CE, 59, 00, E8, 52, 12, E7, FF, 33, DB... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

1.6 MB (1,654,784 bytes)

Scan rwscmd.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.