home

Communicator.exe

Revation Communicator

Revation Systems

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Revation Communicator’.
Publisher:
Revation Systems  (signed and verified)

Product:
Revation Communicator

Version:
7.4.16

MD5:
108198d6db18f610d5fd63151c7a32bf

SHA-1:
7c234dca8b8e7c44c1b642fd6a2d4dab8286af16

SHA-256:
a400def8230a01622a39ffb2151dcd7a9096c54f2a0537028bb0250f31a62499

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/28/2024 11:47:20 AM UTC  (today)

File size:
3.8 MB (3,973,408 bytes)

Product version:
7.4.16

Copyright:
Revation Systems © 2016

Original file name:
Communicator.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\revation communicator\communicator.exe

Digital Signature
Signed by:
Revation Systems

Authority:
thawte, Inc.

Valid from:
6/8/2015 8:00:00 PM

Valid to:
6/8/2017 7:59:59 PM

Subject:
CN=Revation Systems, O=Revation Systems, L=Apple Valley, S=Minnesota, C=US

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
1733EF2D9D4740C18151B8F669D57BBA

File PE Metadata
Compilation timestamp:
8/15/2016 3:18:01 PM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
49152:Nag4WZbntJ5djN1snkBakUZ5TVE6q/l4vfC1OYf4UaIcJ+Za8mGbPoDnJbRR3xa4:NaCSo1OYEJbgS+kMFcUJI

Entry address:
0x24B410

Entry point:
48, 83, EC, 28, E8, 37, 0E, 00, 00, 48, 83, C4, 28, E9, 82, FE, FF, FF, CC, CC, 48, 83, EC, 28, 4D, 8B, 41, 38, 48, 8B, CA, 49, 8B, D1, E8, 0D, 00, 00, 00, B8, 01, 00, 00, 00, 48, 83, C4, 28, C3, CC, CC, CC, 40, 53, 45, 8B, 18, 48, 8B, DA, 41, 83, E3, F8, 4C, 8B, C9, 41, F6, 00, 04, 4C, 8B, D1, 74, 13, 41, 8B, 40, 08, 4D, 63, 50, 04, F7, D8, 4C, 03, D1, 48, 63, C8, 4C, 23, D1, 49, 63, C3, 4A, 8B, 14, 10, 48, 8B, 43, 10, 8B, 48, 08, 48, 03, 4B, 08, F6, 41, 03, 0F, 74, 0A, 0F, B6, 41, 03, 83, E0, F0, 4C, 03...
 
[+]

Entropy:
6.5336

Code size:
2.7 MB (2,788,864 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Revation Communicator

Command:
"C:\Program Files\revation communicator\communicator.exe"


Scan Communicator.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.