home

efo.exe

EasyFileOpener

PCVARK Software Private Limited

The application efo.exe by PCVARK Software Private Limited has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
PCVARK Software Private Limited  (signed and verified)

Product:
EasyFileOpener

Version:
1.0.0.0

MD5:
4715e99fb502fb5b65a772969d1aabbf

SHA-1:
7e3503c9b6a9f8d301876b60ed18ed3756533e57

SHA-256:
5e62fc5231dadb2d4316853bbfb2faef99e70d07caddc1ac2e86775a9cfecea2

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 8:06:57 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.PCVark.EFO (L)
16.10.6.17

File size:
47.5 KB (48,616 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2015

Original file name:
efo.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\roaming\easyfileopener\efo.exe

Digital Signature
Signed by:
PCVARK Software Private Limited

Authority:
Symantec Corporation

Valid from:
5/25/2015 8:00:00 PM

Valid to:
5/25/2016 7:59:59 PM

Subject:
CN=PCVARK Software Private Limited, OU=Technical, O=PCVARK Software Private Limited, L=Jaipur, S=Rajasthan, C=IN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
1CF5E0439ADD288DF6F2231F069DA9EB

File PE Metadata
Compilation timestamp:
6/16/2015 9:24:33 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:5DgKTmc6RAfaWyPlXxAaNTQENg6RGdOGddU72RVl2B8w9sKYICy:5FQYmPlXxAaxNgkDSVl2B8+sYCy

Entry address:
0x7502

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5235

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
21.5 KB (22,016 bytes)

Remove efo.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.