WARiud.exe

WinAntiRansom

Ruiware, LLC.

Publisher:
Ruiware  (signed by Ruiware, LLC.)

Product:
WinAntiRansom

Description:
WinAntiRansom Support Application

Version:
2015.12.8.1

MD5:
1a3a8f147a47bdbbe6f86a7d0bc5e107

SHA-1:
ed980c2213f9c72e0cb439fb0608549a8a5bd43c

SHA-256:
379a41da1875c33b2c287006641f1556944487408a3981e622a8a5053a60f8aa

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 8:42:03 AM UTC  (today)

File size:
56.1 KB (57,480 bytes)

Product version:
2015.12.8.1

Copyright:
Copyright (C) 2015

Original file name:
WARiud.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\ruiware\winantiransom\drivers\x64\wariud.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
8/2/2015 7:00:00 AM

Valid to:
8/2/2016 6:59:59 AM

Subject:
CN="Ruiware, LLC.", O="Ruiware, LLC.", STREET=613 Century Dr, L=Largo, S=FL, PostalCode=33771-2120, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
19D89307FAF6BB6836D75229899B5E09

File PE Metadata
Compilation timestamp:
12/14/2015 5:00:52 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
1536:PRgdcZLjujM1TCEH5YjHLfXvLWdMZvlYiM:JOcZLV1TCmYjrffLWdMZvlw

Entry address:
0x1FE4

Entry point:
48, 83, EC, 28, E8, FF, 35, 00, 00, 48, 83, C4, 28, E9, 76, FE, FF, FF, CC, CC, 48, 89, 5C, 24, 20, 55, 56, 57, 41, 54, 41, 55, 41, 56, 41, 57, 48, 8D, AC, 24, D0, E5, FF, FF, B8, 30, 1B, 00, 00, E8, 06, 3A, 00, 00, 48, 2B, E0, 48, 8B, 05, F4, 9F, 00, 00, 48, 33, C4, 48, 89, 85, 20, 1A, 00, 00, 33, FF, 45, 8B, F0, 4C, 8B, EA, 21, 7C, 24, 44, 48, 63, D9, 45, 85, C0, 75, 07, 33, C0, E9, E5, 06, 00, 00, 48, 85, D2, 75, 1F, E8, 95, 14, 00, 00, 21, 38, E8, 6E, 14, 00, 00, C7, 00, 16, 00, 00, 00, E8, FB, 13, 00...
 
[+]

Entropy:
6.0126

Code size:
28.5 KB (29,184 bytes)

The file WARiud.exe has been discovered within the following program.

WinAntiRansom  by WinPatrol
www.winpatrol.com/winantiransom
19% remove it
 
Powered by Should I Remove It?

Scan WARiud.exe - Powered by Reason Core Security