edhelper.exe

Desk 365

Taiwan Shui Mu Chih Ching Technology Limited

The application edhelper.exe, “Desk 365 helper application” by Taiwan Shui Mu Chih Ching Technology Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Taiwan Shui Mu Chih Ching Technology Limited.  (signed by Taiwan Shui Mu Chih Ching Technology Limited)

Product:
Desk 365

Description:
Desk 365 helper application

Version:
1.1.8.6315

MD5:
e8d2736260ef5f66be51431f87a07520

SHA-1:
84d4558a624b190f0c679b3b7b49bc1f31847a8f

SHA-256:
9215122287a518a86bf9b6d1a2ab34ff1f19179bc6099e7c6f25866641a739b9

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 6:05:00 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Thinknice (M)
17.2.3.5

File size:
139.7 KB (143,016 bytes)

Product version:
1.1.8.6315

Copyright:
Copyright (C) 2012

Original file name:
edhelper.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\deskplus\edhelper.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
3/13/2013 4:15:13 AM

Valid to:
3/14/2014 4:15:13 AM

Subject:
CN=Taiwan Shui Mu Chih Ching Technology Limited, O=Taiwan Shui Mu Chih Ching Technology Limited, L=新北, S=台湾, C=TW

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121243D90C81CD8FEC70E99813154FB6459

File PE Metadata
Compilation timestamp:
3/27/2013 8:05:04 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x34C0

Entry point:
E8, 44, 05, 00, 00, E9, 6B, FD, FF, FF, FF, 25, F8, 40, 40, 00, FF, 25, FC, 40, 40, 00, 6A, 14, 68, 28, 46, 40, 00, E8, 7E, 04, 00, 00, FF, 35, 5C, 64, 40, 00, 8B, 35, A0, 40, 40, 00, FF, D6, 89, 45, E4, 83, F8, FF, 75, 0C, FF, 75, 08, FF, 15, 44, 41, 40, 00, 59, EB, 64, 6A, 08, E8, A5, 05, 00, 00, 59, 83, 65, FC, 00, FF, 35, 5C, 64, 40, 00, FF, D6, 89, 45, E4, FF, 35, 58, 64, 40, 00, FF, D6, 89, 45, E0, 8D, 45, E0, 50, 8D, 45, E4, 50, FF, 75, 08, 8B, 35, A4, 40, 40, 00, FF, D6, 50, E8, 6B, 05, 00, 00, 83...
 
[+]

Code size:
11 KB (11,264 bytes)

Remove edhelper.exe - Powered by Reason Core Security