home

easyanticheat.sys

EasyAntiCheat Ltd

Publisher:
EasyAntiCheat Ltd  (signed and verified)

MD5:
0198589646f362702486fca024108025

SHA-1:
6d2c5e2874e45abe7cd83bb857df896340e7984c

SHA-256:
0ce9d3c75e0e564535c244fdd743407548c3476c917298d3794632bf8c373344

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/18/2024 10:16:29 AM UTC  (today)

Scan engine
Detection
Engine version

Comodo Security
UnclassifiedMalware
21150

McAfee
Generic Obfuscated.c
5600.6835

Trend Micro House Call
Suspicious_GEN.F47V0213
7.2.64

File size:
447.3 KB (458,008 bytes)

File type:
Driver (Win64 SYS)

Common path:
C:\Windows\System32\easyanticheat.sys

Digital Signature
Signed by:
EasyAntiCheat Ltd

Authority:
GlobalSign nv-sa

Valid from:
4/22/2014 12:15:40 PM

Valid to:
4/17/2015 8:58:00 AM

Subject:
CN=EasyAntiCheat Ltd, O=EasyAntiCheat Ltd, L=Espoo, C=FI

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121FAEE84FA4ADDD304CD007E7E4DBF66C0

File PE Metadata
Compilation timestamp:
2/9/2015 3:41:41 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
12288:wrgriOXhFJump3OJ2cmt7FfiRwRp+u6DdBo:nriOXhFJumROJIt7Ff8wnp6k

Entry address:
0x6A205

Entry point:
E9, E2, AF, FF, FF, 00, 00, 48, 61, 6C, 4D, 61, 6B, 65, 42, 65, 65, 70, 00, E9, 69, 34, 00, 00, E9, 3D, F4, FF, FF, FE, C8, E9, 8F, 94, FF, FF, E9, C6, 93, FF, FF, 0F, 82, 6D, F4, FF, FF, 66, 0F, A3, FC, 66, 0F, A3, DE, 80, 7F, FF, 00, E9, B6, DA, FF, FF, 0F, 83, 10, 09, 00, 00, 66, 0F, C1, CB, 48, 89, C3, 48, 0F, C1, CF, 66, 0F, A4, DF, 07, 18, E5, 0F, 9B, C1, 48, 89, C7, 48, 0F, BD, CE, 66, 81, C1, A2, 35, 0F, BE, C8, 66, 39, F7, B9, 04, 01, 00, 00, E9, 27, 8C, FF, FF, E9, 9A, DF, FF, FF, D4, A1, D2, 74...
 
[+]

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
54 KB (55,296 bytes)

Scan easyanticheat.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.