» demc942.tmp
Overview
Analysis
File Details

demc942.tmp

EslWireACD

Turtle Entertainment GmbH

File name:

demc942.tmp

Publisher:

<Turtle Entertainment> (signed by Turtle Entertainment GmbH)

Product:

EslWireACD

Version:

1.0.0.5684

MD5:

2ec8f464eb1cdb4dfb235b401f9cc412

SHA-1:

66593690ddc4b746c442e1883ae72d8c483e5363

SHA-256:

aa1ad45207dbe2bb4ed390f5a0047665951f0f79156901146610f7dfe72d1b6d

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/24/2024 5:07:49 AM UTC (today)

Scan engine

Detection

Engine version

McAfee

Generic Obfuscated.c

5600.6885

File size:

103.6 KB (106,096 bytes)

Product version:

1.0

Original file name:

EslWireACD

Common path:

C:\users\{user}\appdata\local\temp\demc942.tmp

Digital Signature

Signed by:

Turtle Entertainment GmbH

Authority:

GlobalSign nv-sa

Valid from:

9/29/2011 6:19:37 PM

Valid to:

12/27/2014 11:17:59 AM

Subject:

CN=Turtle Entertainment GmbH, OU=Desktop Software Development, O=Turtle Entertainment GmbH, L=Cologne, S=NRW, C=DE

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11211D81E9C09273DF1A6E9A05931416F400

File PE Metadata

Compilation timestamp:

11/18/2014 3:43:00 PM

OS version:

6.2

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

11.0

CTPH (ssdeep):

1536:bCwBiA1bIOcX4zYt7XPHGxkj7YoAMMFR2YezBGcpqbgTBp2Lo2iGz:WbObN1+XvGx8YgMFR2r7S4A

Entry address:

0x753E9

Entry point:

E9, C9, E2, 00, 00, E9, 1C, A8, 00, 00, 0F, 82, B0, 4C, 00, 00, 38, E5, 66, 0F, A3, E2, E9, 41, B8, FF, FF, 00, 00, 4F, 62, 52, 65, 66, 65, 72, 65, 6E, 63, 65, 4F, 62, 6A, 65, 63, 74, 42, 79, 50, 6F, 69, 6E, 74, 65, 72, 00, 80, C4, 20, 66, 85, C2, 08, C0, 0F, 8D, 47, 95, 00, 00, 0F, 84, B7, 8E, 00, 00, F8, 38, E0, E9, 6F, 2F, 00, 00, E9, 9E, B5, FF, FF, 0F, 85, 0B, D4, FF, FF, E9, DD, 99, 00, 00, 00, 00, 49, 6F, 44, 65, 6C, 65, 74, 65, 53, 79, 6D, 62, 6F, 6C, 69, 63, 4C, 69, 6E, 6B, 00, E9, 39, 9E, 00, 00... 
[+]

Packer / compiler:

Xtreme-Protector v1.05

Code size:

27.5 KB (28,160 bytes)

Scan demc942.tmp - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.