home

ecs-support.exe

pcvisit 8

pcvisit software ag

This is a setup program which is used to install the application. The file has been seen being downloaded from ecs-coiffeur.de.
Publisher:
pcvisit software ag  (signed and verified)

Product:
pcvisit 8

Version:
8.3.5.2630

MD5:
77c9bbaaa03b4c63a12bb8a33b9013e6

SHA-1:
b424e600b7c17040aac5d9517bfb4033d571f86d

SHA-256:
33349813d5b4836bcbb8390f38f242effc516cfca4362ab6143f970c49765b43

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/15/2024 6:04:03 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/PECompact
7.1.1

File size:
1.3 MB (1,313,656 bytes)

Product version:
8.3.5.2630

Copyright:
Copyright © 2004-2007

Original file name:
pcvisit.exe

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Digital Signature
Signed by:
pcvisit software ag

Authority:
VeriSign, Inc.

Valid from:
7/4/2010 2:00:00 AM

Valid to:
8/15/2011 1:59:59 AM

Subject:
CN=pcvisit software ag, OU=Development, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=pcvisit software ag, L=Dresden, S=Sachsen, C=DE

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
22AE32030D5586DD10422BF1FDA6E94F

File PE Metadata
Compilation timestamp:
2/9/2011 10:23:44 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
24576:Ds6iTVECAZwjwXfWbud+Ox2Zwqh4h8/hrO4z8BluUUdQNfRX3AhBc4JrVbnJ48:Q6i+CAKsv+HZ3+h8/U4zWoUXN53OH48

Entry address:
0x1000

Entry point:
B8, 50, 21, A7, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 66, 37, EF, A9, 67, E7, 4B, 5C, 62, 59, AA, 3E, 35, C0, 93, 44, 3A, 4B, A5, 26, C1, 5B, 01, 4E, 1F, 71, C2, AE, 46, 0B, 2A, B1, E1, 94, 48, 9A, E1, 5C, D1, 60, AE, 69, 9A, 3A, C9, 66, C8, AC, D8, 02, 7A, 72, 87, 8A, 47, B7, 41, B3, 37, BC, 50, 77, D1, 7B, E1, FE, 84, AC, E4, CC, F8, E2, 08, 08, F1, 5E, CF, D6, 7D, 1A, 50, 2D, 63, A2, 35, 71, 65, 54, 3B, 67, 06, 00, C4...
 
[+]

Packer / compiler:
PECompact v2

Code size:
2.2 MB (2,350,592 bytes)

The file ecs-support.exe has been seen being distributed by the following URL.

http://ecs-coiffeur.de/.../ecs-support.exe

Scan ecs-support.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.