home

ezcddax.exe

Easy CD-DA Extractor

Poikosoft

The application ezcddax.exe by Poikosoft has been detected as a potentially unwanted program by 10 anti-malware scanners.
Publisher:
Poikosoft  (signed and verified)

Product:
Easy CD-DA Extractor

Version:
2010.5.0.0

MD5:
de9f086b7d687926079397ba2d46e1e6

SHA-1:
bee0303ac2a3e137813aeb2e629f404e3e6564b7

SHA-256:
bd1d40be10797b27c0670a03fcf433c3756175e94ef7111fc0805ac94598eb89

Scanner detections:
10 / 68

Status:
Potentially unwanted

Analysis date:
4/16/2024 5:31:50 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/ZProtect
7.1.1

AVG
Fat-Obfuscated
2017.0.2689

Comodo Security
UnclassifiedMalware
19777

Fortinet FortiGate
W32/Redosdru.ID!tr
7/8/2016

F-Secure
Packed:W32/PeCan.A
11.2016-08-07_6

IKARUS anti.virus
Backdoor.Win32.Zegost
t3scan.1.7.8.0

K7 AntiVirus
Trojan
13.183.13642

McAfee
Artemis!DE9F086B7D68
5600.6345

Norman
Redosdru.LS
11.20160708

VIPRE Antivirus
Trojan-Dropper.Win32.Resdro.b
33860

File size:
3.8 MB (4,026,168 bytes)

Product version:
2010.5.0.0

Copyright:
Copyright 1998 - 2010 Jukka Poikolainen & Poikosoft

Trademarks:
Poikosoft and Easy CD-DA Extractor are registered trademarks of Poikosoft

Original file name:
ezcddax.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\easy cd-da extractor 2010\ezcddax.exe

Digital Signature
Signed by:
Poikosoft

Authority:
The USERTRUST Network

Valid from:
12/29/2009 10:00:00 PM

Valid to:
12/29/2012 9:59:59 PM

Subject:
CN=Poikosoft, O=Poikosoft, STREET=Kivitaltankatu 5 E 9, L=Tampere, S=n/a, PostalCode=33560, C=FI

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
3342B39AF717A717A79F45ABBF4D578A

File PE Metadata
Compilation timestamp:
9/10/1987 3:27:18 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
83.82

CTPH (ssdeep):
49152:cf03klPShX4dCnyj6JBDbf25h92thfYR1iwv3P5QJSX21q3aHf5MgMGMPdb9UyP5:cf0IFbuJ1BbkxASX33aB9jiTUw5

Entry address:
0x8F6672

Entry point:
E8, 02, 00, 00, 00, DB, C3, 87, 14, 24, 8D, 92, DE, F9, FF, FF, 87, 14, 24, E9, CB, F9, FF, FF, D6, AC, 0F, 84, FD, 04, 00, 00, E9, 82, 04, 00, 00, 0F, 82, E7, F9, FF, FF, E9, 77, 03, 00, 00, B9, 4D, 5A, 00, 00, E9, CC, F9, FF, FF, 02, 57, E9, 81, FD, FF, FF, 84, E8, 01, 00, 00, 00, 11, 87, 0C, 24, 8D, 89, 3F, 05, 00, 00, 87, 0C, 24, E9, 87, 00, 00, 00, 3E, 74, D7, 5E, E9, 3A, 02, 00, 00, 47, 57, E9, 8E, FD, FF, FF, DA, 55, 61, 0F, 84, 7C, 01, 00, 00, E9, EB, 03, 00, 00, 2E, B4, D2, 2D, 11, 0F, 86, 77, F9...
 
[+]

Code size:
704 KB (720,896 bytes)

Autoplay Handler
Display name:
EZCDDAXAutoPlayAudioCD


Remove ezcddax.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.