home

eoeztool.exe

eoモジュール

K-Opticom Corporation

Publisher:
K-Opticom  (signed by K-Opticom Corporation)

Product:
eoモジュール

Version:
5.1.0.6

MD5:
f420fa2c8c25d836eb2454d263cfd10e

SHA-1:
2a9860a65e0451da2bb55f4f6ca8793ef264252f

SHA-256:
074207364c233aa64a3435130d4f33019207c2b33309d2df2b6f1575a403645f

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/4/2024 6:18:17 PM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
probably DLOADER.Trojan
9.0.1.05190

Trend Micro House Call
Suspicious_GEN.F47V1104
7.2.56

File size:
1.4 MB (1,420,360 bytes)

Product version:
5.0.0.0

File type:
Executable application (Win32 EXE)

Language:
Japanese (Japan)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\eosvcchg\eoeztool.exe

Digital Signature
Signed by:
K-Opticom Corporation

Authority:
VeriSign, Inc.

Valid from:
10/3/2012 9:00:00 AM

Valid to:
10/5/2013 8:59:59 AM

Subject:
CN=K-Opticom Corporation, OU=customer support center, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=K-Opticom Corporation, L=Osaka-shi Kita-ku, S=Osaka-fu, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2AD7B9C15137CFD80E86895868CA2F2E

File PE Metadata
Compilation timestamp:
3/21/2013 3:27:56 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
24576:6jeuzh0uu5WR80P9hiy+QKIS5wcrbIR9lBYAd1J2Xs1ZQ+zcq:Y0r0P9hilQKIrmkfYq2IZnYq

Entry address:
0x1600

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, 98, 40, 4F, 00, A1, 8B, 40, 4F, 00, C1, E0, 02, A3, 8F, 40, 4F, 00, 52, 6A, 00, E8, E5, 19, 0F, 00, 8B, D0, E8, B2, 45, 0E, 00, 5A, E8, 10, 45, 0E, 00, E8, E7, 45, 0E, 00, 6A, 00, E8, 84, 5A, 0E, 00, 59, 68, 34, 40, 4F, 00, 6A, 00, E8, BF, 19, 0F, 00, A3, 93, 40, 4F, 00, 6A, 00, E9, 2F, BE, 0E, 00, E9, B2, 5A, 0E, 00, 33, C0, A0, 7D, 40, 4F, 00, C3, A1, 93, 40, 4F, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, B4, 00, 00, 00, 0B, C9...
 
[+]

Code size:
972 KB (995,328 bytes)

Scan eoeztool.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.