home

SiteRemoteClientService.exe

SiteRemote

PROVISIO GmbH

It runs as a separate (within the context of its own process) windows Service named “SiteRemote Client”.
Publisher:
PROVISIO Corporation  (signed by PROVISIO GmbH)

Product:
SiteRemote

Description:
SiteRemote Client Service

Version:
1.1.0.94

MD5:
3f807649f4fc8c30c15322921b1d82eb

SHA-1:
5e5a70390c9222bf60f507ea59ad3bfd08588311

SHA-256:
fa3162d5465c984147d00dfbd7a9b7c855b99047ca5ba52b3fa78d9bd2d9be30

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 4:38:48 AM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
MemScan:Trojan.Dropper.TSZ
8.16.11.26.09

File size:
144.5 KB (148,016 bytes)

Product version:
1.1.0.94

Copyright:
© PROVISIO. All rights reserved.

Original file name:
SiteRemoteClientService.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\sitekiosk\siteremote\siteremoteclientservice.exe

Digital Signature
Signed by:
PROVISIO GmbH

Authority:
GlobalSign nv-sa

Valid from:
11/23/2010 12:22:11 PM

Valid to:
11/23/2013 12:22:08 PM

Subject:
E=contact-europe@provisio.com, CN=PROVISIO GmbH, O=PROVISIO GmbH, L=Muenster, S=NRW, C=DE

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012C78E123B0

File PE Metadata
OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:1cRNxAL2pneC1DuSiCwCVHGxzt65NL5iS3Bul8L72E/:1OTpn71WCwCop2FD3klg

Entry address:
0x23623

Entry point:
FF, 25, 00, 60, 42, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.0697

Code size:
136 KB (139,264 bytes)

Service
Display name:
SiteRemote Client

Description:
Provides status information and control capabilities to a SiteRemote server.

Type:
Win32OwnProcess


Scan SiteRemoteClientService.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.