home

EEKAS.EXE

Entrust Entelligence Security Provider

Entrust Datacard Corporation

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘eekas’.
Publisher:
Entrust(R)  (signed by Entrust Datacard Corporation)

Product:
Entrust Entelligence Security Provider

Description:
Entrust Entelligence Key Access Service Application

Version:
9.3.40.4442

MD5:
de956bbe3d9620e4835fcb145c3b67c5

SHA-1:
ce7202ee9ec7964d545674cdedde1225e569fefe

SHA-256:
456da1d39cc6ddfc8e937be648377a0f6c6735b84c0fe3f29c253f700ae8f206

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/28/2024 5:32:18 AM UTC  (today)

File size:
501.6 KB (513,632 bytes)

Product version:
9.3

Copyright:
Copyright 1994-2015 Entrust. All rights reserved.

Trademarks:
Entrust is a trademark or registered trademark of Entrust, Inc.

Original file name:
EEKAS.EXE

File type:
Executable application (Win32 EXE)

Language:
English (Canada)

Common path:
C:\Program Files\common files\entrust\esp\eekas.exe

Digital Signature
Signed by:
Entrust Datacard Corporation

Authority:
Entrust, Inc.

Valid from:
3/30/2016 1:58:41 PM

Valid to:
3/30/2019 2:28:38 PM

Subject:
CN=Entrust Datacard Corporation, O=Entrust Datacard Corporation, L=Shakopee, S=Minnesota, C=US

Issuer:
CN=Entrust Code Signing CA - OVCS1, OU="(c) 2015 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US

Serial number:
73CA6E2D1369904A000000005565F941

File PE Metadata
Compilation timestamp:
6/15/2016 1:11:38 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:ndukBGb5dqsE3gW90oqqle4eimaTwtZHsRA9:nxkuRqqQ4rmaTmeO9

Entry address:
0x5D31C

Entry point:
E8, 82, 05, 00, 00, E9, 6B, FD, FF, FF, FF, 25, E0, 12, 46, 00, FF, 25, E4, 12, 46, 00, FF, 25, EC, 12, 46, 00, FF, 25, F0, 12, 46, 00, FF, 25, F8, 12, 46, 00, FF, 25, FC, 12, 46, 00, CC, CC, CC, CC, CC, CC, 80, F9, 40, 73, 16, 80, F9, 20, 73, 06, 0F, AD, D0, D3, FA, C3, 8B, C2, C1, FA, 1F, 80, E1, 1F, D3, F8, C3, C1, FA, 1F, 8B, C2, C3, CC, FF, 25, 84, 13, 46, 00, FF, 25, 80, 13, 46, 00, FF, 25, 7C, 13, 46, 00, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1...
 
[+]

Entropy:
6.3558

Code size:
384 KB (393,216 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
eekas

Command:
C:\Program Files\common files\entrust\esp\eekas.exe


Scan EEKAS.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.