home

eDSLoader.exe

Acer eDataSecurity Management

EGIS TECHNOLOGY INC.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘eDataSecurity Loader’.
Publisher:
Egis Incorporated  (signed by EGIS TECHNOLOGY INC.)

Product:
Acer eDataSecurity Management

Description:
Acer eDataSecurity Management Loader

Version:
3, 0, 336, 0

MD5:
4409e22ffe43f8b7617a30ed2b202ffd

SHA-1:
d85fed53c36067e5568ab42bf741e52abbe550a8

SHA-256:
8c6aeaf768db55b4db6589bff9a44410ee408bf91df6c5036610b7a484277309

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 10:50:07 AM UTC  (today)

File size:
511 KB (523,312 bytes)

Product version:
3, 0, 336, 0

Copyright:
(C) Egis Incorporated. All rights reserved

Original file name:
eDSLoader.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\acer\empowering technology\edatasecurity\x86\edsloader.exe

Digital Signature
Signed by:
EGIS TECHNOLOGY INC.

Authority:
VeriSign, Inc.

Valid from:
1/2/2008 1:00:00 AM

Valid to:
1/2/2009 12:59:59 AM

Subject:
CN=EGIS TECHNOLOGY INC., OU=Product Development Division, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=EGIS TECHNOLOGY INC., L=Taipei, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3BE54ECA3DEEB63CA6F5B763356A9778

File PE Metadata
Compilation timestamp:
2/3/2008 3:00:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:PIGWT3XOufXSCV1eUyq9UEX15Uqeu50Ss:AGQNfSCVtyu5Uqfs

Entry address:
0x85B9

Entry point:
E8, E6, 03, 00, 00, E9, 36, FD, FF, FF, 3B, 0D, 28, 50, 41, 00, 75, 02, F3, C3, E9, 66, 04, 00, 00, 6A, 14, 68, A0, FE, 40, 00, E8, 1E, 03, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, 1E, 05, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, 14, 03, 00, 00, C2, 10, 00, 6A, 0C, 68, C0, FE, 40, 00, E8, C0...
 
[+]

Entropy:
4.3038

Code size:
35 KB (35,840 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
eDataSecurity Loader

Command:
C:\Program Files\acer\empowering technology\edatasecurity\x86\edsloader.exe


Scan eDSLoader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.