home

rmth.exe

rmth32

Li Xin

Publisher:
Li Xin  (signed and verified)

Product:
rmth32

Description:
rmth

Version:
1.0

MD5:
a47c0868e88174e3f94d3255aff523ff

SHA-1:
1f718ef38e7efa68d4da18b3fc8d749850057963

SHA-256:
a9770432008a29e98e1e65310ddfe78cbfb76d9e5f4c2e13dce68ea2f45a96d9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 10:46:30 PM UTC  (today)

File size:
29.6 KB (30,280 bytes)

Product version:
1.0

Copyright:
rmth

Original file name:
rmth32.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\rmth.exe

Digital Signature
Signed by:
Li Xin

Authority:
WoSign CA Limited

Valid from:
3/13/2015 9:55:41 AM

Valid to:
3/13/2016 10:55:41 AM

Subject:
CN=Li Xin, L=Yingshan, S=Sichuan, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
4EC8808F9295E7018CE5A64639E18B6B

File PE Metadata
Compilation timestamp:
7/20/2015 5:23:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

CTPH (ssdeep):
768:57sDuSnA0fn+POKNqt2zgITzIgMA9JEppppppppppppphpiCc3bqRd:2nRMHEt29zFMA9J73bad

Entry address:
0x18C0

Entry point:
55, 89, E5, 6A, FF, 68, 3C, 51, 40, 00, 68, E8, 19, 40, 00, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 83, EC, 08, 83, EC, 48, 53, 56, 57, 89, 65, E8, 68, 00, 00, 00, 02, E8, ED, 0D, 00, 00, 59, A3, 54, 68, 40, 00, E8, 02, 03, 00, 00, 85, C0, 74, 2F, C7, 45, FC, 00, 00, 00, 00, E8, 22, 05, 00, 00, E8, DD, 05, 00, 00, E8, 28, 06, 00, 00, E8, 63, 0A, 00, 00, E8, FE, 0A, 00, 00, BB, 44, 58, 40, 00, 81, FB, 44, 58, 40, 00, 73, 1C, EB, 0D, 6A, FE, E8, B8, 0B, 00, 00, 59, E9, 91, 00, 00, 00, FF, 13...
 
[+]

Entropy:
6.3009

Code size:
13 KB (13,312 bytes)

Scan rmth.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.