edhelper.exe

Desk 365

Taiwan Shui Mu Chih Ching Technology Limited

The application edhelper.exe, “Desk 365 helper application” by Taiwan Shui Mu Chih Ching Technology Limited, has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat.
Publisher:
Taiwan Shui Mu Chih Ching Technology Limited.  (signed by Taiwan Shui Mu Chih Ching Technology Limited)

Product:
Desk 365

Description:
Desk 365 helper application

Version:
1.4.17.7189

MD5:
0ce6ff8019e158b9184d2dfd5e674835

SHA-1:
548f71e11dc27b049d716052d6fe462d5e11178d

SHA-256:
2da93805cc5b492c8055034bf0191eff65bfa4e19eabe3257a71c6198c9a3ca2

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
4/25/2024 5:04:20 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Thinknice.TaiwanShuiMuChihChingTechnology (M)

Engine version:
16.1.9.5

File size:
140.7 KB (144,040 bytes)

Product version:
1.4.17.7189

Copyright:
Copyright (C) 2012

Original file name:
edhelper.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\omiga plus\edhelper.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
3/13/2013 8:15:13 AM

Valid to:
3/14/2014 8:15:13 AM

Subject:
CN=Taiwan Shui Mu Chih Ching Technology Limited, O=Taiwan Shui Mu Chih Ching Technology Limited, L=新北, S=台湾, C=TW

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121243D90C81CD8FEC70E99813154FB6459

File PE Metadata
Compilation timestamp:
5/17/2013 3:01:40 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:2fN4OQGLlNoYPDDnqMe2GXjvg+jBDNgnfsMYAIsd4sYWltZ:2mOQiBrDnre2GXjvg+jlNgnzYAIE4sYy

Entry address:
0x38C0

Entry point:
E8, 44, 05, 00, 00, E9, 6B, FD, FF, FF, FF, 25, FC, 40, 40, 00, FF, 25, 00, 41, 40, 00, 6A, 14, 68, 60, 46, 40, 00, E8, 7E, 04, 00, 00, FF, 35, 5C, 64, 40, 00, 8B, 35, A0, 40, 40, 00, FF, D6, 89, 45, E4, 83, F8, FF, 75, 0C, FF, 75, 08, FF, 15, 48, 41, 40, 00, 59, EB, 64, 6A, 08, E8, A5, 05, 00, 00, 59, 83, 65, FC, 00, FF, 35, 5C, 64, 40, 00, FF, D6, 89, 45, E4, FF, 35, 58, 64, 40, 00, FF, D6, 89, 45, E0, 8D, 45, E0, 50, 8D, 45, E4, 50, FF, 75, 08, 8B, 35, A4, 40, 40, 00, FF, D6, 50, E8, 6B, 05, 00, 00, 83...
 

Code size:
12 KB (12,288 bytes)
