» RAinfo.sys
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

RAinfo.sys

RemotelyAnywhere

LogMeIn, Inc.

It runs as a Windows 64-bit kernel mode device driver named “LogMeIn Kernel Information Provider”. This is installed with LogMeIn.

File name:

RAinfo.sys

Publisher:

LogMeIn, Inc. (signed and verified)

Product:

RemotelyAnywhere

Description:

RemotelyAnywhere Kernel Information Provider

Version:

11.1.0.3220

MD5:

588c1856336ca9e0746b1d7df58dff53

SHA-1:

d0415ade5501a645d8a43a0a90ab32a312bd4605

SHA-256:

1bea49df2389652fad5bf45ea3fc7b5eded4752d0d89c74543298744361c2e2a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/30/2024 8:16:28 AM UTC (today)

File size:

29.7 KB (30,448 bytes)

Product version:

11.1.0.3220

Original file name:

RAinfo.sys

File type:

Driver (Win64 SYS)

Language:

English (United States)

Common path:

C:\Program Files\logmein\x64\rainfo.sys

Digital Signature

Signed by:

LogMeIn, Inc.

Authority:

DigiCert Inc

Valid from:

6/17/2015 7:00:00 PM

Valid to:

6/22/2018 7:00:00 AM

Subject:

CN="LogMeIn, Inc.", O="LogMeIn, Inc.", L=Boston, S=Massachusetts, C=US, PostalCode=02210, STREET=320 Summer Street, SERIALNUMBER=3830661, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization

Issuer:

CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

080D35880102E23D2340F69EB3C0E561

File PE Metadata

Compilation timestamp:

1/10/2017 10:29:51 AM

OS version:

6.3

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

12.0

Entry address:

0x1638

Entry point:

48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8B, DA, 48, 8B, F9, E8, B3, 49, 00, 00, 48, 8B, D3, 48, 8B, CF, 48, 8B, 5C, 24, 30, 48, 83, C4, 20, 5F, E9, B2, FE, FF, FF, CC, CC, 48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8B, 05, 93, 2A, 00, 00, 48, 8B, F9, 48, 8D, 0D, 71, 2A, 00, 00, 48, 8D, 1D, 7A, 2A, 00, 00, 48, 3B, C1, 74, 45, 48, 3B, D8, 77, 40, 48, 8B, 43, 40, 48, 85, C0, 74, 18, 4C, 8B, 05, 18, 37, 00, 00, 48, 8D, 0D, 39, 0D, 00, 00, 4C, 8B, CB, 48, 8B, D7, FF, D0, EB, 12, 48, 8B, 15, 00, 37, 00, 00... 
[+]

Entropy:

6.7188

Code size:

6.5 KB (6,656 bytes)

Driver

Display name:

LogMeIn Kernel Information Provider

Service name:

LMIInfo

Type:

Kernel device driver (KernelDriver)

The file RAinfo.sys has been discovered within the following programs.

LogMeIn by LogMeIn, Inc.

LogMeIn remote access products use a proprietary remote desktop protocol that is transmitted via SSL. An SSL certificate is created for each remote desktop and is used to cryptographically secure communications between the remote desktop and the accessing computer.

www.logmein.com

1% remove it

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.