epicsetup.exe

Epic Privacy Browser Installer

Hidden Reflex Inc

The executable epicsetup.exe, “Epic Privacy Browser Installer Setup”, has been detected as malware by 11 anti-virus scanners. It is a setup and installation application and has been known to bundle potentially unwanted software.
Publisher:
Epic Privacy Browser (signed by Hidden Reflex Inc)

Product:
Epic Privacy Browser Installer

Description:
Epic Privacy Browser Installer Setup

Version:
1.3.27.13

MD5:
597e05860e1eb0b4215e60d1e5bdb3d8

SHA-1:
1e878677b2d3626fab9e5e91fbb2c127ecb9b0e5

SHA-256:
d9503c88d30200aff8c6157b556ea1949c4b238c5310d3aaca5828176bf3b886

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
11/15/2024 5:24:46 AM UTC

Scan engine                    Detection                          Engine version
avast!                         Win32:Pioneer-C                    160327-1
AVG                            Win32/Floxif.A                     2015.0.4568
Dr.Web                         Win32.FloodFix.7                   9.0.1.05190
Emsisoft Anti-Malware          Win32.Floxif                       16.05.17
ESET NOD32                     Win32/Floxif.H virus               7.0.302.0
F-Prot                         W32/Floxif.B                       4.6.5.141
F-Secure                       Win32.Floxif.A                     5.15.21
Kaspersky                      Virus.Win32.Pioneer                15.0.0.562
McAfee                         Trojan.Dropper-FIY!597E05860E1E    18.0.204.0
Microsoft Security Essentials  Threat.Undefined                   1.219.1973.0
Norman                         Win32.Floxif.A                     02.04.2016 17:35:19

File size:
1.8 MB (1,915,125 bytes)

Product version:
1.3.27.13

Copyright:
Copyright 2007-2010 Google Inc.

Original file name:
EpicUpdateSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\epicsetup.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
12/28/2014 4:00:00 PM

Valid to:
12/29/2015 3:59:59 PM

Subject:
CN=Hidden Reflex Inc, O=Hidden Reflex Inc, POBox=20155, STREET=5744 Yewing Way, L=Gainesville, S=Virginia, PostalCode=20155, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
4A15F6D042503ABAD4B6F1D93DE4C455

File PE Metadata
Compilation timestamp:
3/1/2015 3:29:09 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:ZaECKpU/Q/bfFdUfIpUV+K3HOgubi/A6Rcz/:YEuQgMw+KRut6Rcb

Entry address:
0x1000

Entry point:
E9, F3, 3C, 01, 00, E8, 36, 03, 00, 00, E8, 11, 00, 00, 00, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 6A, FE, 68, 28, 26, 46, 00, 68, D0, 70, 40, 00, 64, A1, 00, 00, 00, 00, 50, 83, C4, 94, 53, 56, 57, A1, 78, 40, 46, 00, 31, 45, F8, 33, C5, 50, 8D, 45, F0, 64, A3, 00, 00, 00, 00, 89, 65, E8, C7, 45, 90, 00, 00, 00, 00, C7, 45, FC, 00, 00, 00, 00, 8D, 45, A0, 50, FF, 15, 84, 31, 45, 00, C7, 45, FC, FE, FF, FF, FF, EB, 26, B8, 01, 00, 00, 00, C3, 8B, 65, E8, C7...
 

Entropy:
7.8191

Packer / compiler:
Xtreme-Protector v1.05

Code size:
325.5 KB (333,312 bytes)
