demf188.tmp

ESLAnticheat

Turtle Entertainment GmbH

It runs as a Windows 64-bit kernel mode device driver named “ESLAnticheat”.

Publisher:
Turtle Entertainment (signed by Turtle Entertainment GmbH)

Product:
ESLAnticheat

Version:
1.0.0.99

MD5:
e5414e6cf219e104cf3aef671298c7ac

SHA-1:
f5294e907dc630a455a8a75b6617a34047725a97

SHA-256:
34f97f9360ecc35fcfc96910cc2a1b272b45192fd9ed8b25568fb6724cf71eba

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 4:20:52 AM UTC

File size:
113.4 KB (116,160 bytes)

Product version:
1.0

Copyright:
Copyright © 2016

Original file name:
ESLAnticheat

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\demf188.tmp

Digital Signature

Authority:
GlobalSign nv-sa

Valid from:
12/12/2014 8:53:35 AM

Valid to:
1/26/2018 5:17:59 AM

Subject:
CN=Turtle Entertainment GmbH, O=Turtle Entertainment GmbH, L=Cologne, S=NRW, C=DE

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121A1E8F7E6944C92C7CA61440EFF3F250E

File PE Metadata

Compilation timestamp:
3/7/2017 11:32:30 AM

OS version:
10.0

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
14.0

Entry address:
0x20C67

Entry point:
E9, E9, A7, FF, FF, 0F, 85, 6E, AE, FF, FF, 66, BE, 61, 37, 48, 8B, 35, CB, 35, FF, FF, E9, 92, CE, FF, FF, 0F, 82, 50, 41, 00, 00, 66, 0F, A3, F4, F5, E9, 10, 05, 00, 00, 50, F0, 1F, FD, FD, 8A, 77, 92, 69, BC, B4, 1E, C2, 19, 60, 73, 4D, A2, A2, C2, C3, 3F, 4D, 2D, 66, 51, 9C, BF, 0C, 99, 12, 97, 17, CA, 36, 35, CA, 8A, 77, 20, 27, 8F, FC, 6D, 7D, 78, 79, E5, 61, E8, 4E, 45, 05, 24, 0A, D4, 5A, 5B, CE, 04, B9, E1, D1, 23, 15, 88, 91, E6, 27, 84, 2D, 3E, 7D, 9B, 51, 81, AE, A3, 03, B0, E7, 34, 46, 86, D8...
 

Entropy:
7.3498

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
15.5 KB (15,872 bytes)

Driver

Display name:
ESLAnticheat

Type:
Kernel device driver (KernelDriver)

