atiedxx.exe

AMD External Events Driver Module

ATI Technologies

Publisher:
ATI Technologies

Product:
AMD External Events Driver Module

Version:
2.0.0.0

MD5:
58517eb001b595c94d2893b226a75c87

SHA-1:
2970c401c5c5df339dde737e6ec03a384bbaeda7

SHA-256:
42494c30045263f70e4be46076db5eadfc45b42e96d4eac383331249cdad6ede

Scanner detections:
10 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
7/14/2025 5:47:10 AM UTC

Scan engine | Detection | Engine version
AhnLab V3 Security | Trojan/Win32.Febipos | 14.09.16
Avira AntiVirus | TR/Crypt.TPM.Gen | 7.11.150.60
Baidu Antivirus | Backdoor.Win32.Agent | 4.0.3.14916
Bkav FE | HW32.CDB | 1.3.0.4959
Comodo Security | UnclassifiedMalware | 18286
Dr.Web | Tool.BtcMine.192 | 9.0.1.0259
ESET NOD32 | Win32/Packed.Themida (variant) | 8.9813
IKARUS anti.virus | Trojan.Crypt | t3scan.1.6.1.0
Malwarebytes | Trojan.FakeATI | v2014.09.16.06
Norman | Suspicious_Gen4.DNVKO | 11.20140916

File size:
3 MB (3,111,950 bytes)

Product version:
2.0.0.0

Copyright:
(C) ATI Technologies. All rights reserved

Original file name:
atiedxx.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\ati technologies\atiedxx.exe

File PE Metadata
Compilation timestamp:
3/17/2013 6:42:00 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.22

CTPH (ssdeep):
49152:DGv4eKgP5Q7DYHz0sWjl7Nr2amsH9mk/neGruJ03OsH83/dqmci9xLWZ:DGHKgP5Q4IpqUkkfbuTvUi9dWZ

Entry address:
0x785000

Entry point:
83, EC, 04, 50, 53, E8, 01, 00, 00, 00, CC, 58, 89, C3, 40, 2D, 00, D0, 2B, 00, 2D, 03, 1D, 61, 00, 05, F8, 1C, 61, 00, 80, 3B, CC, 75, 19, C6, 03, 00, BB, 00, 10, 00, 00, 68, 20, E7, CE, 76, 68, 62, 07, 40, 6C, 53, 50, E8, 0A, 00, 00, 00, 83, C0, 00, 89, 44, 24, 08, 5B, 58, C3, 55, 89, E5, 50, 53, 51, 56, 8B, 75, 08, 8B, 4D, 0C, C1, E9, 02, 8B, 45, 10, 8B, 5D, 14, 85, C9, 74, 0A, 31, 06, 01, 1E, 83, C6, 04, 49, EB, F2, 5E, 59, 5B, 58, C9, C2, 10, 00, 2A, 25, 56, 08, 6B, 67, 1A, 45, 12, 3A, 87, AC, 17, 5A...
 

Code size:
385.5 KB (394,752 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP:
Connects to static.45.38.9.5.clients.your-server.de  (5.9.38.45:8332)

TCP:
Connects to static.176.102.76.144.clients.your-server.de  (144.76.102.176:8332)

Scan atiedxx.exe - Powered by Reason Core Security