home

Communicator.exe

Revation Communicator

Revation Systems

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Revation Communicator’.
Publisher:
Revation Systems  (signed and verified)

Product:
Revation Communicator

Version:
7.3.18

MD5:
1d3862dba4b42262510b1e855779783f

SHA-1:
e9156321577e3404b5452c2e8b9421404041dc96

SHA-256:
024631a33bcc4692146d4b27610fcd42ddd4b6be5cc76115c373e2789febb375

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/28/2024 11:37:19 AM UTC  (today)

File size:
3.5 MB (3,640,096 bytes)

Product version:
7.3.18

Copyright:
Revation Systems © 2015

Original file name:
Communicator.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\revation communicator\communicator.exe

Digital Signature
Signed by:
Revation Systems

Authority:
thawte, Inc.

Valid from:
6/8/2015 7:00:00 PM

Valid to:
6/8/2017 6:59:59 PM

Subject:
CN=Revation Systems, O=Revation Systems, L=Apple Valley, S=Minnesota, C=US

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
1733EF2D9D4740C18151B8F669D57BBA

File PE Metadata
Compilation timestamp:
1/22/2016 11:34:57 AM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:RRJaYLQo/hLfxivrwiE6PLg+TcA7nz5bgDjcY5Mwg6LbcPJmUg5P0BzfYBTTKLcP:TYCQo+PlNgcwgEqKFdgA

Entry address:
0x20F7E4

Entry point:
48, 83, EC, 28, E8, 0B, EF, 00, 00, 48, 83, C4, 28, E9, 36, FE, FF, FF, CC, CC, 48, 85, C9, 74, 37, 53, 48, 83, EC, 20, 4C, 8B, C1, 48, 8B, 0D, 44, F0, 13, 00, 33, D2, FF, 15, EC, 6E, 05, 00, 85, C0, 75, 17, E8, 4F, 93, 00, 00, 48, 8B, D8, FF, 15, 4A, 70, 05, 00, 8B, C8, E8, 5F, 93, 00, 00, 89, 03, 48, 83, C4, 20, 5B, C3, CC, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 48, 8B, D9, 48, 83, F9, E0, 77, 7C, BF, 01, 00, 00, 00, 48, 85, C9, 48, 0F, 45, F9, 48, 8B, 0D, ED, EF, 13, 00, 48...
 
[+]

Entropy:
6.5185

Code size:
2.4 MB (2,507,264 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Revation Communicator

Command:
"C:\Program Files\revation communicator\communicator.exe"


Scan Communicator.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.