home

pilote_aten.exe

UC232A

Aten International Co., Ltd.

This is a setup and installation application. It runs as a scheduled task under the Windows Task Scheduler. The file has been seen being downloaded from www.epsilog.com and multiple other hosts.
Publisher:
Aten International Co., Ltd.

Product:
UC232A

Description:
UC232A_Windows_Setup

Version:
1.0.075

MD5:
23d16feef91123ef868aa5ce6becdea9

SHA-1:
428493062669dba46e46e29b9f83cc1cfc8c2e23

SHA-256:
d1d231d49394f4c48c194290802d4da906ae64bea7aa8395f758b7c913a7b0b0

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
1/2/2026 4:00:29 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.Mezzia
7.1.1

Bkav FE
HW32.CDB
1.3.0.4613

nProtect
Trojan.Mezzia.CY
13.12.29.01

File size:
3.6 MB (3,819,008 bytes)

Product version:
1.0.075

Copyright:
Copyright (R) 2010 Aten International Co., Ltd. All rights reserved.

Original file name:
UC232A_Windows_Setup

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\pilote_aten.exe

File PE Metadata
Compilation timestamp:
1/21/2011 5:49:30 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:m4GXGktFOZCW0XiOKR3QhBnFrbtE252gG3ho6pAL7:2Wkt20XiDRghRxt52v3hs7

Entry address:
0x265C

Entry point:
B8, 30, 9E, E0, 01, FF, E0, 9B, DA, D7, 89, F4, 69, DE, AE, 24, 8D, 23, 27, 49, A9, 24, F8, 23, 42, 34, 81, 98, 3F, 34, 1C, 91, 85, 12, CB, 35, FC, 91, F2, 11, 84, 8B, 3A, 08, 0E, 86, E7, F3, 8A, CB, 88, B5, 37, 44, 82, 9F, BD, 93, AB, 84, 75, 45, F6, 44, 9F, CA, 23, 0A, 7B, 53, 0E, 56, 49, 6C, 5F, A6, BE, 82, 89, 8F, FF, 67, FE, DA, AD, 51, 4A, 0A, 01, 95, BD, 34, 04, C6, E7, BD, B5, 9A, 82, 15, 7C, AB, 10, B8, AB, 20, C1, 41, 29, C8, 21, 2D, 0C, 95, DC, 2F, EA, 50, BD, 14, 16, 05, BD, 51, BB, 10, D1, 45...
 
[+]

Code size:
44 KB (45,056 bytes)

Scheduled Task
Task name:
{226A0871-A470-45E0-9461-8C728C94F8B0}

Trigger:
Registration (Runs on registration)


The file pilote_aten.exe has been discovered within the following program.

WinJump 2014  by Pierre-Jean Pralong
About 1% of users remove it
 
Powered by Should I Remove It?

The file pilote_aten.exe has been seen being distributed by the following 2 URLs.

http://www.epsilog.com/imgfr/Image/template_dwnld/fichier_a_dl/.../Pilote_Aten.exe

http://clubtechnology.polarusa.com/.../aten.exe

Scan pilote_aten.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.