» rxagentservice.exe
Overview
Analysis
File Details
Behaviors (1)

rxagentservice.exe

Nulana LTD

It runs as a separate (within the context of its own process) windows Service named “Remotix Agent Service”.

File name:

rxagentservice.exe

Publisher:

Nulana LTD (signed and verified)

MD5:

5f053844b874b7c3d7941b50169d6798

SHA-1:

f2497ffefee8d9a9dbdafe5570b9846fb1c8ec5c

SHA-256:

e3bbb6f500ae3688f1270dc0d8d57f82742fc257fe13ebc4d6c8ae9138f67e49

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

2/26/2025 6:08:29 AM UTC (today)

Scan engine

Detection

Engine version

Qihoo 360 Security

HEUR/QVM10.1.0000.Malware.Gen

1.0.0.1120

File size:

2.5 MB (2,667,744 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\remotix agent\rxagentservice.exe

Digital Signature

Signed by:

Nulana LTD

Authority:

Symantec Corporation

Valid from:

7/3/2016 5:00:00 PM

Valid to:

2/15/2017 3:59:59 PM

Subject:

CN=Nulana LTD, O=Nulana LTD, L=Perm, S=Permskiy Krai, C=RU

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

1A6FCD5D3198552FED906E62D4755045

File PE Metadata

Compilation timestamp:

2/8/2017 6:11:13 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

14.0

Entry address:

0x1D3232

Entry point:

E8, E4, 05, 00, 00, E9, 87, FE, FF, FF, 3B, 0D, 84, 22, 67, 00, F2, 75, 02, F2, C3, F2, E9, 28, 00, 00, 00, 55, 8B, EC, 6A, 00, FF, 15, CC, 71, 5F, 00, FF, 75, 08, FF, 15, AC, 71, 5F, 00, 68, 09, 04, 00, C0, FF, 15, DC, 72, 5F, 00, 50, FF, 15, 54, 73, 5F, 00, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 2B, 32, 02, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 50, 57, 69, 00, 89, 0D, 4C, 57, 69, 00, 89, 15, 48, 57, 69, 00, 89, 1D, 44, 57, 69, 00, 89, 35, 40, 57, 69, 00, 89, 3D, 3C, 57, 69, 00, 66... 
[+]

Entropy:

6.7074

Code size:

2 MB (2,054,656 bytes)

Service

Display name:

Remotix Agent Service

Service name:

RXAgentService

Type:

Win32OwnProcess

Scan rxagentservice.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.