home

eScriptionDownloader.exe

eScriptionDownloader

Axiom Technologies

The executable eScriptionDownloader.exe has been detected as malware by 14 anti-virus scanners.
Publisher:
Axiom Technologies

Product:
eScriptionDownloader

Version:
10.14.0001

MD5:
70fc4e03a2d0b79484f447b593c3b5cc

SHA-1:
721198c39d7d250328448111921560c68421d4d1

SHA-256:
5c976fc657acf35e8e3202b5e3d2430f1a22a2b8ff741cf3f45518b5fa6fa784

Scanner detections:
14 / 68

Status:
Malware

Analysis date:
7/17/2025 3:00:39 PM UTC  (today)

Scan engine
Detection
Engine version

Bitdefender
Gen:Variant.Kazy.44428
1.0.20.1300

Comodo Security
UnclassifiedMalware
17250

Emsisoft Anti-Malware
Gen:Variant.Kazy.44428
8.14.09.17.06

F-Prot
W32/VB-Dialog-Spyer-based!Maxim
v6.4.7.1.166

G Data
Gen:Variant.Kazy.44428
14.9.22

IKARUS anti.virus
Win32.SuspectCrc
t3scan.2.0.127

K7 AntiVirus
Virus
13.173.10137

McAfee
Artemis!70FC4E03A2D0
5600.7005

Norman
Vir_Generic.JZHV
11.20140917

Panda Antivirus
Suspicious file
14.09.17.06

Qihoo 360 Security
Win32/Trojan.496
1.0.0.1015

Reason Heuristics
Threat.Win.Reputation.IMP
15.4.8.22

Trend Micro House Call
TROJ_GEN.F47V1027
7.2.260

VIPRE Antivirus
Trojan-Spy.Win32.VB.Dialog!cobra
23250

File size:
276.1 KB (282,697 bytes)

Product version:
10.14.0001

Original file name:
eScriptionDownloader.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\escription\editscriptv10\escriptiondownloader.exe

File PE Metadata
Compilation timestamp:
9/13/2013 3:14:26 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:3g3oVI/Mu9iHzubHh6Z4AcgvlsBNv1w2NO3w08B91EcBsp1scViwzmjfum8aMyUd:w4e71/aChY

Entry address:
0x72DC

Entry point:
68, 8C, 96, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 02, 79, BB, 8A, BA, 46, 9F, 44, 8E, 9F, 5C, 6A, 4F, 5F, 67, DA, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 41, 00, 86, 50, 82, 01, 45, 53, 44, 6F, 77, 6E, 6C, 6F, 61, 64, 65, 72, 56, 31, 30, 00, 00, 00, 00, 00, FF, CC, 31, 00, 0B, CA, 8A, 63, 4F, 9E, FF, D5, 45, BF, 74, AB, 34, D6, CB, E5, 9E, 74, 48, 24, 3D, 5F, 54, 6F, 49, B0, A7, 53, E1, EC, D1, 04, 5F, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
5.6031

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
256 KB (262,144 bytes)

Remove eScriptionDownloader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.