» EasyAntiCheat.exe
Overview
Analysis
File Details
Downloads (7)

EasyAntiCheat.exe

EasyAntiCheat!

EasyAntiCheat Solutions

This is a setup program which is used to install the application. The file has been seen being downloaded from www.megatopico.com and multiple other hosts.

File name:

EasyAntiCheat.exe

Publisher:

EasyAntiCheat Solutions (signed and verified)

Product:

EasyAntiCheat!

Version:

4, 0, 0, 0

MD5:

583c378e998fde57f6f82c66c2c55718

SHA-1:

196b21d76774fac299c02baf04f6f207b06a8c35

SHA-256:

755046980d64fcda846483bbb01c62fc7def98e06bf8c86fa36ee64160f5063c

Scanner detections:

4 / 68

Status:

Clean (4 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

12/27/2024 8:28:42 AM UTC (today)

Scan engine

Detection

Engine version

Comodo Security

Heur.Suspicious

23690

McAfee

Artemis!583C378E998F

5600.6513

Quick Heal

(Suspicious) - DNAScan

1.16.14.00

Vba32 AntiVirus

suspected of Unknown.Win32Virus

3.12.26.4

File size:

2 MB (2,115,336 bytes)

Product version:

4, 0, 0, 0

Original file name:

EasyAntiCheat.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\easyanticheat.exe

Digital Signature

Signed by:

EasyAntiCheat Solutions

Authority:

The USERTRUST Network

Valid from:

5/11/2011 2:00:00 AM

Valid to:

5/11/2012 1:59:59 AM

Subject:

CN=EasyAntiCheat Solutions, O=EasyAntiCheat Solutions, STREET=Snellmaninkatu 23 A 6, L=Helsinki, S=Helsinki, PostalCode=00170, C=FI

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

00BB1424F024635765CAC8D3E76F36612C

File PE Metadata

Compilation timestamp:

6/21/2011 2:21:10 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

49152:g91wdRCLtoVnxvUFSf6OB8R1V6cWiT/Z1SxrHjEGiU877P0rbZo5Rm:g91wdRCLtoV9lB8R1V6cWiDZ1CQGix7Y

Entry address:

0x1B495

Entry point:

E8, A9, 99, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 28, 16, 43, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 10, 12, 43, 00, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 33, C9, 3B, 04, CD, C8, B4, 43, 00, 74, 13, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0E, 6A, 0D, 58, 5D, C3, 8B, 04, CD, CC... 
[+]

Code size:

190 KB (194,560 bytes)

The file EasyAntiCheat.exe has been seen being distributed by the following 7 URLs.

http://www.megatopico.com/.../file.php?id=27807&sid=53573c8bf11920a5475bd2075f7dd918

http://www.megatopico.com/.../file.php?id=27807

http://www.megatopico.com/.../file.php?id=27807&sid=5a1472cac2240b7d2e86f0d8fa03ef49

http://www.megatopico.com/.../file.php?id=27807&sid=31824a2ae97c1cc72d4063d4daf733c2

http://www.megatopico.com/.../file.php?id=27807&sid=343e4444a98d8849ae6f4ca9d0bd18e0

http://www.megatopico.com/.../file.php?id=27807&sid=89062c2f95c55eedf93f5cb4052d941f

http://www.megatopico.com/.../file.php?id=27807&sid=e16fea7371dfd86762166fc28f76028b

Scan EasyAntiCheat.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.