home

ecatservice.exe

ECAT

Silicium Security inc.

It runs as a separate (within the context of its own process) windows Service named “EcatService”.
Publisher:
EMC Corporation  (signed by Silicium Security inc.)

Product:
ECAT

Description:
ECAT Service

Version:
3.5.3.1

MD5:
150153b0038e9865e420fa0be9139955

SHA-1:
c74d06f5ba786351369a8d711caf95bcf18c53ed

SHA-256:
b7ad553f561eae9fdf812079d6421abaf40a6743d4d12b682da55babaf98fd36

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 6:20:53 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.Packed
1.3.0.6979

File size:
1.1 MB (1,134,368 bytes)

Product version:
3.5.3.1

Copyright:
Copyright © 2014 EMC Corporation All Rights Reserved.

Original file name:
ECAT-Client32.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\ecatservice.exe

Digital Signature
Signed by:
Silicium Security inc.

Authority:
VeriSign, Inc.

Valid from:
12/9/2011 2:00:00 AM

Valid to:
1/14/2015 1:59:59 AM

Subject:
CN=Silicium Security inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Silicium Security inc., S=Quebec, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1150781872AF45DDD9AF0B0913DC56AF

File PE Metadata
Compilation timestamp:
8/29/2014 5:01:06 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:e7KmWWd40j8qDBCtI9TCwOn14fedNiJZjlj91HZxDZ3izgwb5r6:Bm9402ETC514fu8JN555ZG6

Entry address:
0x52D1F

Entry point:
E8, 59, 2C, 00, 00, E9, 7F, FE, FF, FF, 3B, 0D, 80, 90, 47, 00, 75, 02, F3, C3, E9, 66, 0A, 00, 00, 55, 8B, EC, FF, 75, 14, 6A, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 05, 00, 00, 00, 83, C4, 14, 5D, C3, 55, 8B, EC, 83, EC, 20, 53, 57, 33, DB, 6A, 07, 33, C0, 59, 8D, 7D, E4, 89, 5D, E0, F3, AB, 39, 45, 10, 75, 18, E8, EF, 42, 00, 00, C7, 00, 16, 00, 00, 00, E8, 31, 34, 00, 00, 83, C8, FF, E9, 9B, 00, 00, 00, 8B, 45, 0C, 56, 8B, 75, 08, 85, C0, 74, 19, 85, F6, 75, 15, E8, C8, 42, 00, 00, C7, 00, 16, 00...
 
[+]

Entropy:
7.3363

Code size:
411.5 KB (421,376 bytes)

Service
Display name:
EcatService

Description:
ECAT Service

Type:
Win32OwnProcess


Scan ecatservice.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.