ATIESRXX.EXE

AMD External Events

AMD

The executable ATIESRXX.EXE, “AMD External Events Service Module”, has been detected as malware by 13 anti-virus scanners. It runs as a separate Windows service (within the context of its own process) named “AMD External Events Utility”.

Publisher:
AMD

Product:
AMD External Events

Description:
AMD External Events Service Module

Version:
6.14.11.1175

MD5:
6d9bac4736f3b02e0f0e052f232d6c91

SHA-1:
3e7046963d2f3938e0f92b4440aaf03b98086f3f

SHA-256:
1071e4156101cb1fa6dc26641130cf152f34a1a99516a4ee5667c41d3404241f

Scanner detections:
13 / 68

Status:
Malware

Analysis date:
5/10/2024 4:08:13 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Win32.Virtob.Gen.12 | 5813571 |
| avast! | Win32:Virtu-A | 160201-0 |
| AVG | Win32/Virut | 2015.0.4522 |
| Dr.Web | Win32.Virut.56 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Win32.Virtob.Gen.12 | 10.0.0.5366 |
| ESET NOD32 | Win32/Virut.NBP virus | 7.0.302.0 |
| F-Prot | W32/Swizzor.A.gen | 4.6.5.141 |
| Kaspersky | Virus.Win32.Virut | 15.0.0.562 |
| McAfee | Virus.W32/Virut.n.gen | 18.0.204.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.213.5087.0 |
| Norman | Win32.Virtob.Gen.12 | 03.12.2014 13:20:04 |
| Sophos | Virus 'W32/Scribble-B' | 5.22 |
| VIPRE Antivirus | Threat.4737366 | 46908 |

File size:
231 KB (236,544 bytes)

Product version:
6.14.11.1175

Copyright:
Copyright © 2008-2009 AMD

Original file name:
ATIESRXX.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\atiesrxx.exe

File PE Metadata
Compilation timestamp:
7/14/1995 10:16:51 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

CTPH (ssdeep):
3072:Vjeis/FeQihjwkADYgCWKHnvnftpSK0JLVHV91+383wZAQLZVcibxNm1LxsUyjAF:jBnAy9Ht0KkVHT1+stQLEiVo1Lx

Entry address:
0x3E32C

Entry point:
90, 83, 3C, 24, FE, 77, FE, 8D, 64, 24, CC, 60, 83, EC, DC, 90, F6, D5, 8A, CB, E8, C1, 02, 00, 00, BF, 98, 40, 42, A3, 4B, 66, 4B, 8D, 47, 8E, 75, F9, F7, D2, 40, 90, FF, 73, 3C, 11, DA, 59, 81, E9, FD, FF, FF, 7F, 73, E6, 97, B4, A0, 90, 81, D9, E6, 13, 00, 00, 71, DA, 11, D7, 42, 4A, E9, 09, 01, 00, 00, 54, FF, 54, 24, 5C, FF, 54, 24, 5C, FF, 54, 24, 58, B8, 02, F8, DB, 61, FF, D7, 3B, F0, 0F, 84, 9E, 98, FF, FF, 50, 0F, 31, 5E, C3, 83, D9, 09, 90, 4C, 74, 6B, 43, 33, 00, 0F, BE, F3, 49, 8D, 34, 30, E8...

Code size:
128 KB (131,072 bytes)

Service
Display name:
AMD External Events Utility

Type:
Win32OwnProcess

Group:
Event log

