home

EpicScale.exe

EpicScale

Epic Scale, Inc.

The file EpicScale.exe by Epic Scale has been detected as a potentially unwanted program by 10 anti-malware scanners. This file is typically installed with the program EpicScale Application by EpicScale, Inc.. The file has been seen being downloaded from sng01.objectstorage.softlayer.net.
Publisher:
EpicScale Inc.  (signed by Epic Scale, Inc.)

Product:
EpicScale

Description:
EpicScale module

Version:
1.0.0.0

MD5:
17b4664cb18ecd7cf0943682ba863d8a

SHA-1:
320acbb1f5fc0514433ff984bea584fd927f90b1

SHA-256:
16c3e628f62506c3200099abf9add9c6e182a73708a7379a53d9f6bc2fd60b5d

Scanner detections:
10 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 12:46:23 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
W32/Ramnit.C
7.11.30.172

avast!
Win32:EpicScale-D [PUP]
150525-2

Comodo Security
Application.Win32.EpicScale.A
22284

Dr.Web
riskware program Program.EpicScale.23
9.0.1.05190

ESET NOD32
Win32/EpicScale.A potentially unwanted application
7.0.302.0

Malwarebytes
PUP.Optional.EpicScale
v2015.05.31.03

Panda Antivirus
Trj/Genetic.gen
15.05.31.03

Reason Heuristics
PUP.Optional.EpicScale
15.5.31.3

Sophos
Generic PUA EK
4.98

VIPRE Antivirus
Trojan.Win32.Generic
41052

File size:
350.5 KB (358,920 bytes)

Product version:
1.0.0.0

Copyright:
(c) EpicScale Inc. All rights reserved.

Original file name:
EpicScale.exe

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\awhc683.tmp

Digital Signature
Signed by:
Epic Scale, Inc.

Authority:
Symantec Corporation

Valid from:
4/19/2015 7:30:00 PM

Valid to:
6/18/2016 7:29:59 PM

Subject:
CN="Epic Scale, Inc.", O="Epic Scale, Inc.", L=Oakland, S=California, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
732B10C8A5DBD0D56B01F5A5AAE63571

File PE Metadata
Compilation timestamp:
5/30/2015 10:09:19 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
6144:0uahkOKyQO62aV05jbr81slyeQ+wtrVEYIsga:VaVla2jbQwyeQztwsga

Entry address:
0x1DC10

Entry point:
E8, DC, 75, 00, 00, E9, 7F, FE, FF, FF, 3B, 0D, 20, C6, 44, 00, 75, 02, F3, C3, E9, E5, 26, 00, 00, 55, 8B, EC, FF, 75, 14, 6A, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 05, 00, 00, 00, 83, C4, 14, 5D, C3, 55, 8B, EC, 83, EC, 20, 53, 57, 33, DB, 8D, 7D, E4, 6A, 07, 33, C0, 89, 5D, E0, 59, F3, AB, 39, 45, 10, 75, 18, E8, 28, 2F, 00, 00, C7, 00, 16, 00, 00, 00, E8, 45, 7C, 00, 00, 83, C8, FF, E9, 9B, 00, 00, 00, 8B, 45, 0C, 56, 8B, 75, 08, 85, C0, 74, 19, 85, F6, 75, 15, E8, 01, 2F, 00, 00, C7, 00, 16, 00...
 
[+]

Code size:
225 KB (230,400 bytes)

The file EpicScale.exe has been discovered within the following program.

EpicScale Application  by EpicScale, Inc.
About 8% of users remove it
 
Powered by Should I Remove It?

The file EpicScale.exe has been seen being distributed by the following URL.

https://sng01.objectstorage.softlayer.net/v1/AUTH_824a6f84-bea6-4b78-b0db-586c2d41714f/install/setup/exe/AMONETIZE/.../EpicScale.exe

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP SSL):
Connects to a23-214-210-7.deploy.static.akamaitechnologies.com  (23.214.210.7:443)

TCP (HTTP SSL):
Connects to a23-32-10-58.deploy.static.akamaitechnologies.com  (23.32.10.58:443)

TCP (HTTP SSL):
Connects to a104-81-177-170.deploy.static.akamaitechnologies.com  (104.81.177.170:443)

TCP:
Connects to static.14.31.201.138.clients.your-server.de  (138.201.31.14:3336)

TCP (HTTP SSL):
Connects to a95-101-158-107.deploy.akamaitechnologies.com  (95.101.158.107:443)

TCP (HTTP):
Connects to a84-53-133-35.deploy.akamaitechnologies.com  (84.53.133.35:80)

TCP (HTTP SSL):
Connects to a104-85-26-156.deploy.static.akamaitechnologies.com  (104.85.26.156:443)

TCP:
Connects to 163-172-38-13.rev.poneytelecom.eu  (163.172.38.13:5555)

TCP (HTTP SSL):
Connects to a23-12-150-238.deploy.static.akamaitechnologies.com  (23.12.150.238:443)

TCP (HTTP SSL):
Connects to a104-117-143-165.deploy.static.akamaitechnologies.com  (104.117.143.165:443)

TCP (HTTP SSL):
Connects to a23-37-91-194.deploy.static.akamaitechnologies.com  (23.37.91.194:443)

TCP (HTTP SSL):
Connects to a23-35-212-24.deploy.static.akamaitechnologies.com  (23.35.212.24:443)

TCP (HTTP):
Connects to a23-34-57-73.deploy.static.akamaitechnologies.com  (23.34.57.73:80)

TCP (HTTP SSL):
Connects to a23-10-49-109.deploy.static.akamaitechnologies.com  (23.10.49.109:443)

TCP (HTTP SSL):
Connects to a104-126-45-167.deploy.static.akamaitechnologies.com  (104.126.45.167:443)

TCP (HTTP SSL):
Connects to a104-105-128-171.deploy.static.akamaitechnologies.com  (104.105.128.171:443)

Remove EpicScale.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.