The MDES SDK V4 (MDES SDK V4 Removal Module) OPSWAT, Inc File Malware Analysis

The MDES SDK V4 (MDES SDK V4 Removal Module) File Analysis

Technical Analysis

File Name rm.exe
File Type PE32 executable (console) Intel 80386, for MS Windows
Scanner Version 1.0.229.174
Database Version 2025-12-04 14:00:40 UTC

Clean File

No threats detected by our scanner

Detection Rate 0%
File Size (bytes) 4,056,896
Analysis Date 2025-12-04


File Identification

Hash Type Value
MD5 b5d9463e6e33da27ff4b701b4582dc95
SHA1 566f33b3aa032bc923dd06d0cee1a202d39352c1
SHA256 60e0244e2c7471afb98d65473932ae8daf50b4cc0a98c113a29aba0fed1d8608
SHA512 8efe057291277819c4bf7324409fb5944a8fcdd1ba397464a6b7789c90d7647215c241d208606862d4453686f65803f2db8292fc21c700b8267e04754a2f329a
ImpHash e525c64c63faa82c3d73fbd0686c1fe0

PE Analysis

Basic Information

Icon
Hash: 17b933849415972e9721d6adbde2f0d6
Fuzzy: 1c8fc294b6e60b54c2953497dd3f3a03
dHash: 4cb269c4dc69324c
Image Base 0x00400000
Entry Point 0x0065de20
Compilation Time 2025-07-29 21:12:08
Checksum 0x003e2ff7 (Actual: 0x003e2ff7)
OS Version 6.0
PEiD Signatures PE32 executable (console) Intel 80386, for MS Windows
PDB Path rm.pdb
Digital Signature OK
Imports 14 libraries
Exports 0 functions
Resources 12 Resources
Sections 6 Sections

Version Information

CompanyName OPSWAT, Inc.
FileDescription MDES SDK V4 Removal Module
FileVersion 2017.08.20.0920
InternalName rm.exe
LegalCopyright © OPSWAT, Inc. All rights reserved.
OriginalFilename rm.exe
ProductName MDES SDK V4
ProductVersion 4.0.0.2
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 3,220,191 bytes 3,220,480 bytes 6.43 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 2C3030733CD3DDA68307468405F69338
.rdata 0x00314000 437,454 bytes 437,760 bytes 5.38 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ C71E9284B29A995BDE5F08F9142F0DD5
.data 0x0037f000 27,612 bytes 21,504 bytes 4.98 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 0E6BCA059C49A9A8BC21D30A2C6212D1
.tls 0x00386000 9 bytes 512 bytes 0.02 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 1F354D76203061BFDD5A53DAE48D5435
.rsrc 0x00387000 224,912 bytes 225,280 bytes 5.68 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ B19B7BF04B34F338BFBCFBC88AFCD63E
.reloc 0x003be000 139,792 bytes 140,288 bytes 6.70 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ BC1AFD25ED03B743B8C4A68FF2A35A24
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 12 (224,176 bytes)
Resource Type Count Total Size Percentage
SYS 3 121,696 bytes 54.3%
RT_ICON 6 101,245 bytes 45.2%
RT_GROUP_ICON 1 90 bytes 0%
RT_VERSION 1 764 bytes 0.3%
RT_MANIFEST 1 381 bytes 0.2%

Certificate Chain Analysis

Certificate Information
Product MDES SDK V4
Description MDES SDK V4 Removal Module
File Version 2017.08.20.0920
Original Name rm.exe
Signing Date 09:16 PM 07/29/2025 (162 days ago)
Verification Status Signed
Signers OPSWAT, Inc.; DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1; DigiCert Trusted Root G4; DigiCert
Counter Signers DigiCert SHA256 RSA4096 Timestamp Responder 2025 1; DigiCert Trusted G4 TimeStamping RSA4096 SHA256 2025 CA1; DigiCert Trusted Root G4; DigiCert
Internal Name rm.exe
Copyright © OPSWAT, Inc. All rights reserved.
Certificate Chain Summary
DigiCert High Assurance EV Root CA #1 Primary
Validity Period: 2011-04-15 19:45:33 → 2021-04-15 19:55:33
Signature Algorithm: sha1RSA
Serial Number: 61 20 4D B4 00 00 00 00 00 27
DigiCert Trusted Root G4 #2 Chain
Validity Period: 2022-06-09 00:00:00 → 2031-11-09 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 01 24 0A FB 1E 38 0B 8A 16 F1 4B 71 9D F4 D3 C0
OPSWAT, Inc. #3 Chain
Validity Period: 2021-04-16 00:00:00 → 2024-05-03 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 04 00 F4 C9 60 66 81 5D CE AB 39 35 08 65 47 81
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA #4 Chain
Validity Period: 2022-03-23 00:00:00 → 2037-03-22 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 07 36 37 B7 24 54 7C D8 47 AC FD 28 66 2A 5E 5B
DigiCert EV Code Signing CA (SHA2) #5 Chain
Validity Period: 2012-04-18 12:00:00 → 2027-04-18 12:00:00
Signature Algorithm: sha256RSA
Serial Number: 03 F1 B4 E1 5F 3A 82 F1 14 96 78 B3 D7 D8 47 5C
DigiCert Timestamp 2022 - 2 #6 Chain
Validity Period: 2022-03-29 00:00:00 → 2033-03-14 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0A 7A 4A 88 9E C9 99 42 90 06 63 38 4D 86 97 9D
Microsoft Windows Hardware Compatibility Publisher #7 Chain
Validity Period: 2022-03-10 19:58:04 → 2023-03-08 19:58:04
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 00 DB FF 61 AC C2 CC DF 65 F7 00 00 00 00 00 DB
Microsoft Windows Third Party Component CA 2012 #8 Chain
Validity Period: 2012-04-18 23:48:38 → 2027-04-18 23:58:38
Signature Algorithm: sha256RSA
Serial Number: 61 0B AA C1 00 00 00 00 00 09
Microsoft Time-Stamp Service #9 Chain
Validity Period: 2021-10-28 19:27:41 → 2023-01-26 19:27:41
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 01 89 B4 BF 86 30 84 1C 4B 8F 00 01 00 00 01 89
Microsoft Time-Stamp PCA 2010 #10 Chain
Validity Period: 2021-09-30 18:22:25 → 2030-09-30 18:32:25
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 00 15 C5 E7 6B 9E 02 9B 49 99 00 00 00 00 00 15
Microsoft Windows Hardware Compatibility Publisher #11 Chain
Validity Period: 2022-03-10 19:58:05 → 2023-03-08 19:58:05
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 00 DC 34 1A 52 0F BB CF 3D 8C 00 00 00 00 00 DC
Microsoft Time-Stamp Service #12 Chain
Validity Period: 2021-10-28 19:27:46 → 2023-01-26 19:27:46
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 01 8F F3 51 A8 EB 5A 72 DD CC 00 01 00 00 01 8F
Microsoft Time-Stamp Service #13 Chain
Validity Period: 2021-12-02 19:05:19 → 2023-02-28 19:05:19
Signature Algorithm: sha256RSA
Serial Number: 33 00 00 01 9D FE 89 E5 F9 7B BB 4C C0 00 01 00 00 01 9D
DigiCert Trusted Root G4 #14 Chain
Validity Period: 2022-08-01 00:00:00 → 2031-11-09 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 0E 9B 18 8E F9 D0 2D E7 EF DB 50 E2 08 40 18 5A
DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 #15 Chain
Validity Period: 2021-04-29 00:00:00 → 2036-04-28 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 08 AD 40 B2 60 D2 9C 4C 9F 5E CD A9 BD 93 AE D9

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK


Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.
