» etupdateservice.exe
Overview
Analysis
File Details
Behaviors (1)

etupdateservice.exe

East-Tec Eraser 2014

EAST-TEC SRL

It runs as a windows Service named “QSetUpdateService”.

File name:

etupdateservice.exe

Publisher:

East-Tec (signed by EAST-TEC SRL)

Product:

East-Tec Eraser 2014

Description:

Update Service

Version:

1.0.0.739

MD5:

a8248741014ff68b8b2749c8a0a9181d

SHA-1:

caa1c4b2d4d1fb3ff9717582e4dd39962ba031e9

SHA-256:

35dd51a6709b5eb6ca3e1507f62980a4f61d81c3c389e4072920401ba49c7796

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 2:00:31 PM UTC (today)

File size:

2.2 MB (2,270,664 bytes)

Product version:

11.0.7.100

Trademarks:

Trademark

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\east-tec eraser\etupdateservice.exe

Digital Signature

Signed by:

EAST-TEC SRL

Authority:

COMODO CA Limited

Valid from:

9/13/2013 1:00:00 AM

Valid to:

9/14/2014 12:59:59 AM

Subject:

CN=EAST-TEC SRL, O=EAST-TEC SRL, STREET="Str. Balogh Istvan, Nr. 17", L=Oradea, S=Bihor, PostalCode=410238, C=RO

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00B80174E6031EA8DFEFFD6D3061F353F8

File PE Metadata

Compilation timestamp:

1/31/2014 11:26:49 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:qzb7F6x2f+PWpJYSpA29Tq58mgjJ1SUeW99BoS+IRdZD3xZrLvFcZTWxuNU2WZCo:qLgx2fYwA8TyqPR99ySJzPLvCFuZ5

Entry address:

0x1EDA90

Entry point:

55, 8B, EC, 83, C4, F0, 53, B8, 7C, 41, 5E, 00, E8, D3, 10, E2, FF, A1, 00, 31, 5F, 00, 8B, 00, 80, 78, 38, 00, 74, 10, A1, 00, 31, 5F, 00, 8B, 00, E8, 52, 3A, FC, FF, 84, C0, 74, 0C, A1, 00, 31, 5F, 00, 8B, 00, 8B, 10, FF, 52, 44, 8B, 0D, 84, 30, 5F, 00, A1, 00, 31, 5F, 00, 8B, 00, 8B, 15, 64, 12, 5E, 00, 8B, 18, FF, 53, 40, A1, 00, 31, 5F, 00, 8B, 00, 8B, 10, FF, 52, 48, 5B, E8, A4, BD, E1, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.6206

Developed / compiled with:

Microsoft Visual C++

Code size:

1.9 MB (2,014,720 bytes)

Service

Display name:

QSetUpdateService

Type:

Win32OwnProcess, InteractiveProcess

Scan etupdateservice.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.