home

efo.exe

EasyFileOpener

PCVARK Software Private Limited

The application efo.exe by PCVARK Software Private Limited has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
PCVARK Software Private Limited  (signed and verified)

Product:
EasyFileOpener

Version:
1.0.0.0

MD5:
24e5e44ce25b731025718c5d8e965b5d

SHA-1:
f873c7e5ed2032decbc9b3314c78ecca02c1f06b

SHA-256:
2407bf1af40acf663ba3736dde1aaafea7f304a158edcdf75456d9d6bc2d8c7a

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 8:15:12 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.PCVark.EFO (L)
16.10.6.17

File size:
47.5 KB (48,616 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2015

Original file name:
efo.exe

File type:
Executable application (Win32 EXE)

Language:
Nezavisno od jezika

Common path:
C:\Windows\System32\config\systemprofile\appdata\roaming\easyfileopener\efo.exe

Digital Signature
Signed by:
PCVARK Software Private Limited

Authority:
Symantec Corporation

Valid from:
5/26/2015 2:00:00 AM

Valid to:
5/26/2016 1:59:59 AM

Subject:
CN=PCVARK Software Private Limited, OU=Technical, O=PCVARK Software Private Limited, L=Jaipur, S=Rajasthan, C=IN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
1CF5E0439ADD288DF6F2231F069DA9EB

File PE Metadata
Compilation timestamp:
6/13/2015 6:58:12 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:ADgGc/AfaWyaQlXxAcNTZEzo6RGdOGddU72RVl2B8w9sYYIif:AeYmXlXxAEOzokDSVl2B8+sGif

Entry address:
0x7506

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
21.5 KB (22,016 bytes)

Remove efo.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.