home

easyClient.exe

DriveOnWeb

abilis GmbH

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘DriveOnWeb easyStorage Client’.
Publisher:
abilis GmbH  (signed and verified)

Product:
DriveOnWeb

Description:
DriveOnWeb Control Program

Version:
9, 0, 1, 4

MD5:
dc15e2f5bee8533dfd16620ce791ad34

SHA-1:
3dfbf7617771f358a84052e18890a5ac025ca037

SHA-256:
eeefddc4f1566ed3e6de39a2038de5f89a8a84e6be0b8e71a3ceb448f0f53a57

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 9:55:22 PM UTC  (today)

File size:
747.7 KB (765,672 bytes)

Product version:
9, 0, 1, 4

Copyright:
Copyright (C) 2009-2010 abilis GmbH

Original file name:
easyClient.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\driveonweb easystorage client\easyclient.exe

Digital Signature
Signed by:
abilis GmbH

Authority:
TC TrustCenter GmbH

Valid from:
9/30/2010 2:27:29 PM

Valid to:
9/30/2012 2:27:29 PM

Subject:
CN=abilis GmbH, OU=TC Publisher ID for Authenticode, O=abilis GmbH, L=Stutensee, S=Baden-Wuerttemberg, C=DE

Issuer:
CN=TC TrustCenter Class 2 L1 CA XII, OU=TC TrustCenter Class 2 L1 CA, O=TC TrustCenter GmbH, C=DE

Serial number:
3C5900010002EA6560310B9CE194

File PE Metadata
Compilation timestamp:
4/20/2011 4:52:33 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:WEzVo1biDUwGRn/lpWOi3aFjpUBxAEaclwnU8xhCQNNjh6VExXVExX888888c1:WEzy1KiRndpW/ZacunU8xhCQNN1gExFD

Entry address:
0x68FF6

Entry point:
E8, 7D, 04, 00, 00, E9, 36, FD, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 88, 11, 49, 00, 89, 0D, 84, 11, 49, 00, 89, 15, 80, 11, 49, 00, 89, 1D, 7C, 11, 49, 00, 89, 35, 78, 11, 49, 00, 89, 3D, 74, 11, 49, 00, 66, 8C, 15, A0, 11, 49, 00, 66, 8C, 0D, 94, 11, 49, 00, 66, 8C, 1D, 70, 11, 49, 00, 66, 8C, 05, 6C, 11, 49, 00, 66, 8C, 25, 68, 11, 49, 00, 66, 8C, 2D, 64, 11, 49, 00, 9C, 8F, 05, 98, 11, 49, 00, 8B, 45, 00, A3, 8C, 11, 49, 00, 8B, 45, 04, A3, 90, 11, 49, 00, 8D, 45, 08, A3, 9C, 11, 49...
 
[+]

Code size:
435 KB (445,440 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DriveOnWeb easyStorage Client

Command:
"C:\Program Files\driveonweb easystorage client\easyclient.exe" \min \sleep=20


Scan easyClient.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.