home

bahecat.exe

ECAT

EMC Corporation

The executable bahecat.exe has been detected as malware by 3 anti-virus scanners.
Publisher:
EMC Corporation

Product:
ECAT

Description:
ECAT Service

Version:
3.5.0.0

MD5:
8343edba43d68f7d7bb70950f3097f01

SHA-1:
724d4b744a297b7275743c3e4adf1eede57bf6d1

SHA-256:
eeeb3690eb7e75213c65a563e301abd92c8ca6a95734152a742da5c377cd5ff3

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
4/24/2024 9:17:08 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.DownLoader
7.1.1

Avira AntiVirus
TR/Dropper.Gen2
7.11.30.172

Dr.Web
Trojan.DownLoader9.25006
9.0.1.05190

File size:
2.5 MB (2,655,232 bytes)

Product version:
3.5.0.0

Copyright:
Copyright © 2013 EMC Corporation All Rights Reserved.

Original file name:
ECAT-Inst.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
8/7/2013 5:11:21 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
49152:NSQeQYiQx6E1SBiPxB2plb3SoP64AKRYiipJglrrGFxf9WYwsjLt6A:EJQYiQx6KB2H3Sof8iiQpSFx1P5js

Entry address:
0x3130

Entry point:
E8, 08, 22, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, FF, 15, 7C, B0, 40, 00, 6A, 01, A3, C4, 10, 41, 00, E8, C6, 28, 00, 00, FF, 75, 08, E8, 5A, 26, 00, 00, 83, 3D, C4, 10, 41, 00, 00, 59, 59, 75, 08, 6A, 01, E8, AC, 28, 00, 00, 59, 68, 09, 04, 00, C0, E8, 28, 26, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 8D, 71, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, A8, 0E, 41, 00, 89, 0D, A4, 0E, 41, 00, 89, 15, A0, 0E, 41, 00, 89, 1D, 9C, 0E, 41, 00, 89, 35, 98, 0E, 41, 00, 89, 3D, 94...
 
[+]

Entropy:
7.7083  (probably packed)

Code size:
37 KB (37,888 bytes)

Remove bahecat.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.