» Breakaway.exe
Overview
Analysis
File Details
Behaviors (1)

Breakaway.exe

Breakaway Audio Enhancer

Claesson Edwards Audio LLC

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Breakaway’.

File name:

Breakaway.exe

Publisher:

ClaessonEdwards LLC (signed by Claesson Edwards Audio LLC)

Product:

Breakaway Audio Enhancer

Version:

1,3,0,05

MD5:

c983034af274767ec6e6453dd0a23b36

SHA-1:

66abade73ce6511c3421a1146acedc3a42aa07bf

SHA-256:

e441ff03b11496d0aec75fbeb54b0509a2f13b278eb22163f5a5f23e5272eeed

Scanner detections:

4 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/25/2024 6:14:11 AM UTC (today)

Scan engine

Detection

Engine version

Bitdefender

Gen:Variant.Symmi.37660

1.0.20.440

Emsisoft Anti-Malware

Gen:Variant.Symmi.37660

8.16.03.28.09

G Data

Gen:Variant.Symmi.37660

16.3.25

Qihoo 360 Security

HEUR/QVM19.1.0000.Malware.Gen

1.0.0.1120

File size:

5.9 MB (6,219,792 bytes)

Product version:

1,3,0,05

Original file name:

Breakaway.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\breakaway\breakaway.exe

Digital Signature

Signed by:

Claesson Edwards Audio LLC

Authority:

Symantec Corporation

Valid from:

2/17/2016 2:00:00 AM

Valid to:

2/17/2017 1:59:59 AM

Subject:

CN=Claesson Edwards Audio LLC, O=Claesson Edwards Audio LLC, L=Antioch, S=California, C=US

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

18CD84B75345F80E71C411E66098F7EA

File PE Metadata

Compilation timestamp:

2/20/2016 4:13:47 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

98304:La1a9+1U3XvcWtulGMReZirgHz6S9HGUIukgXjMLEvDt:Ll9+usGFZ8D90jMQvDt

Entry address:

0xA4F000

Entry point:

56, 50, 53, E8, 01, 00, 00, 00, CC, 58, 89, C3, 40, 2D, 00, 70, 2F, 00, 2D, C0, 2F, 73, 06, 05, B7, 2F, 73, 06, 80, 3B, CC, 75, 19, C6, 03, 00, BB, 00, 10, 00, 00, 68, E0, A8, F0, 17, 68, 1A, 67, F3, 1F, 53, 50, E8, 0A, 00, 00, 00, 83, C0, 00, 89, 44, 24, 08, 5B, 58, C3, 55, 89, E5, 50, 53, 51, 56, 8B, 75, 08, 8B, 4D, 0C, C1, E9, 02, 8B, 45, 10, 8B, 5D, 14, 85, C9, 74, 0A, 31, 06, 01, 1E, 83, C6, 04, 49, EB, F2, 5E, 59, 5B, 58, C9, C2, 10, 00, C6, 3B, FB, 49, E2, 74, D5, 69, CA, 6B, 67, 1A, 45, 12, 3A, 87... 
[+]

Code size:

2.2 MB (2,306,048 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Breakaway

Command:

"C:\Program Files\breakaway\breakaway.exe" force

Scan Breakaway.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.