home

RMX.exe

Reversevision

ReverseVision

Publisher:
Reversevision Inc.  (signed by ReverseVision)

Product:
Reversevision

Description:
Reversevision Application

Version:
1.0.0.0

MD5:
a6aac9cac3aee56237523df3992368b5

SHA-1:
db555c8f2757f1a3db428e4b449871ee8625273d

SHA-256:
c259884af33f78d1bb263801fb6557812c1e6205eec07215c6ae14569f7e063b

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
1/3/2025 9:49:27 PM UTC  (today)

Scan engine
Detection
Engine version

Zillya! Antivirus
Worm.VBNA.Win32.264806
2.0.0.2577

File size:
1.6 MB (1,679,072 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Reversevision Inc. 2005-2013

Original file name:
RMX.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\apps\2.0\rajn7qz5.1t0\e4horrpa.tgz\rmx...tion_c19485c9fc678f5e_0005.0002_7267ca2c4d17b9e4\rmx.exe

Digital Signature
Signed by:
ReverseVision

Authority:
COMODO CA Limited

Valid from:
1/29/2012 7:00:00 PM

Valid to:
1/29/2017 6:59:59 PM

Subject:
CN=ReverseVision, O=ReverseVision, STREET=3310 Pollock Pl, L=Raleigh, S=NC, PostalCode=27607, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00975D8787A1CAB2B7D6110F0543D02A95

File PE Metadata
Compilation timestamp:
5/27/2015 12:58:13 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:dlSK2sxXuEiDRO3IkZ5vz2ilv8/1ZdJC8m4UO3IkZ5L:bKeIkZ5vz2Iv81ZdJCsIkZ5L

Entry address:
0x18862E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.3455

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.5 MB (1,599,488 bytes)

Scan RMX.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.