home

eosmsg.exe

eosmsg V4.5

wangjianfen

The application eosmsg.exe, “此 Installer 数据库包含了安装 eosmsg V4.5 所需的逻辑和数据。” by wangjianfen has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is the uninstaller utility registered in the Windows Control Panel for the program eosmsg V4.5 by eosmsg.com.
Publisher:
eosmsg.com  (signed by wangjianfen)

Product:
eosmsg V4.5

Description:
此 Installer 数据库包含了安装 eosmsg V4.5 所需的逻辑和数据。

Version:
4.5.0

MD5:
21199293aea771477fca8b32ba1bfe6b

SHA-1:
44624da9fb6ab4888ff70daf69f89ad81fabe1c1

SHA-256:
7b54ee1ab359bd24c77fa636f0ef6308f4e5d615c5867125c92a9f21548d8ccd

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/30/2024 10:25:45 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.2.2.23

File size:
2.3 MB (2,452,728 bytes)

Product version:
4.5.0

Copyright:
Copyright (C) eosmsg.com

Original file name:
eosmsg.aiui

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\ProgramData\caphyon\advanced installer\{a532593a-14fb-4e25-a402-2189094f5cd5}\eosmsg.exe

Digital Signature
Signed by:
wangjianfen

Authority:
Unizeto Technologies S.A.

Valid from:
3/3/2014 5:30:00 AM

Valid to:
3/3/2015 5:30:00 AM

Subject:
E=info@eosmsg.com, CN="Open Source Developer, wangjianfen", O=wangjianfen, C=CN

Issuer:
CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
386A62E0B0A08C9F45A436674170DBB2

File PE Metadata
Compilation timestamp:
11/29/2012 2:25:28 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0xAE649

Entry point:
E8, 25, B9, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, F0, 33, DB, 3B, F3, 75, 1E, E8, CF, 44, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, CB, EB, FF, FF, 83, C4, 14, 8B, C6, E9, C2, 00, 00, 00, 57, 39, 5D, 0C, 77, 1E, E8, AB, 44, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, A7, EB, FF, FF, 83, C4, 14, 8B, C6, E9, 9D, 00, 00, 00, 33, C0, 39, 5D, 14, 66, 89, 06, 0F, 95, C0, 40, 39, 45, 0C, 77, 09, E8, 7C, 44, 00, 00, 6A, 22, EB, CF, 8B, 45, 10, 83, C0, FE, 83, F8, 22, 77...
 
[+]

Entropy:
4.0629

Code size:
899 KB (920,576 bytes)

Program Uninstaller
Program name:
eosmsg V4.5

Display publisher:
eosmsg.com

Display version:
4.5.0

Uninstall string:
C:\ProgramData\Caphyon\Advanced Installer\{A532593A-14FB-4E25-A402-2189094F5CD5}\eosmsg.exe /x {61F08ABA-3277-4BB8-A751-A801B7D124A9}


Remove eosmsg.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.