demcf21.tmp

ESLAnticheat

Turtle Entertainment GmbH

It runs as a Windows 64-bit kernel mode device driver named “ESLAnticheat”.
Publisher:
<Turtle Entertainment>  (signed by Turtle Entertainment GmbH)

Product:
ESLAnticheat

Version:
1.0.0.73

MD5:
7dd2a65d7c10646840962f2a10827032

SHA-1:
ce61df6b0f5ae16c1c32bde05094584a2ac80d78

SHA-256:
734694f8d1d8fa366e494e6604f68b1869448d9d54c2190013588e57219b5b52

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/4/2024 12:21:17 PM UTC

File size:
93.9 KB (96,192 bytes)

Product version:
1.0

Copyright:
Copyright © 2016

Original file name:
ESLAnticheat

Common path:
C:\users\{user}\appdata\local\temp\demcf21.tmp

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
12/12/2014 2:53:35 PM

Valid to:
1/26/2018 11:17:59 AM

Subject:
CN=Turtle Entertainment GmbH, O=Turtle Entertainment GmbH, L=Cologne, S=NRW, C=DE

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121A1E8F7E6944C92C7CA61440EFF3F250E

File PE Metadata
Compilation timestamp:
2/23/2017 2:38:10 PM

OS version:
10.0

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
14.0

Entry address:
0xF2F8

Entry point:
E9, 34, 0D, 00, 00, E9, 32, 41, 00, 00, E8, 42, B5, 00, 00, E9, 60, BB, 00, 00, 66, 0F, BA, E5, 0C, F5, F5, 48, 0F, A3, ED, 08, E4, E9, C8, 4C, 00, 00, E8, 26, B5, 00, 00, E9, FA, 7F, 00, 00, 10, C0, E9, B9, 3D, 00, 00, E9, 37, B3, 00, 00, 0F, 84, 19, 42, 00, 00, 66, F7, C4, CA, E9, F8, F5, 48, 01, F8, F5, 66, 39, E9, F9, F9, 48, 39, D0, E9, 3C, 51, 00, 00, E9, 2D, AD, 00, 00, E9, 35, 76, 00, 00, E9, 7B, 51, 00, 00, 0F, 83, 6E, B2, 00, 00, C0, E0, 04, B3, 02, D0, C0, C0, E8, 03, 0F, BA, E3, 0A, 83, C1, 01...

Packer / compiler:
Xtreme-Protector v1.05

Code size:
11 KB (11,264 bytes)

Driver
Display name:
ESLAnticheat

Type:
Kernel device driver (KernelDriver)

