home

ed2k.exe

aMuleall

http://www.amuleall.org/

It runs as a windows Service named “ed2k idle service”.
Publisher:
http://www.amuleall.org/

Product:
aMuleall

Description:
ED2K Links Handler

Version:
2.4.0

MD5:
29079f3a7221f343e1021397424a1e3c

SHA-1:
a8827c084c42bbc5a2015d82723bf0236ef16611

SHA-256:
06ddfada37bb6d4db40bf14c42658a6775a22ecf8fb0b3f19d129ed3074e8b3a

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/28/2024 9:21:03 PM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/Patched.B!Generic
4.6.5.141

F-Secure
Trojan.GenericKD.4572899
5.16.24

File size:
347.5 KB (355,850 bytes)

Product version:
2.4.0

Copyright:
aMuleall Team ( admin@amule.org )

Original file name:
ed2k.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\amulell\ed2k.exe

File PE Metadata
Compilation timestamp:
3/6/2017 4:27:55 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
12.0

Entry address:
0xDD47

Entry point:
E8, CF, C5, 00, 00, E9, 7B, FE, FF, FF, E8, 4C, 70, 00, 00, 8B, D0, 8B, 42, 6C, 3B, 05, 54, 9E, 43, 00, 74, 10, 8B, 0D, 18, 9F, 43, 00, 85, 4A, 70, 75, 05, E8, 8E, 66, 00, 00, 8B, 40, 04, C3, E8, 26, 70, 00, 00, 8B, D0, 8B, 42, 6C, 3B, 05, 54, 9E, 43, 00, 74, 10, 8B, 0D, 18, 9F, 43, 00, 85, 4A, 70, 75, 05, E8, 68, 66, 00, 00, 05, A0, 00, 00, 00, C3, E8, FE, 6F, 00, 00, 8B, D0, 8B, 42, 6C, 3B, 05, 54, 9E, 43, 00, 74, 10, 8B, 0D, 18, 9F, 43, 00, 85, 4A, 70, 75, 05, E8, 40, 66, 00, 00, 8B, 40, 74, C3, 55, 8B...
 
[+]

Entropy:
7.1244

Code size:
176 KB (180,224 bytes)

Service
Display name:
ed2k idle service

Service name:
ed2kidle

Description:
execute ed2k task in idle time

Type:
Win32OwnProcess, InteractiveProcess


Scan ed2k.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.