epicsetup.exe

Epic Privacy Browser Installer

Hidden Reflex Inc

The executable epicsetup.exe, “Epic Privacy Browser Installer Setup” has been detected as malware by 11 anti-virus scanners. This is a setup and installation application and has been known to bundle potentially unwanted software.
Publisher:
Epic Privacy Browser  (signed by Hidden Reflex Inc)

Product:
Epic Privacy Browser Installer

Description:
Epic Privacy Browser Installer Setup

Version:
1.3.27.13

MD5:
597e05860e1eb0b4215e60d1e5bdb3d8

SHA-1:
1e878677b2d3626fab9e5e91fbb2c127ecb9b0e5

SHA-256:
d9503c88d30200aff8c6157b556ea1949c4b238c5310d3aaca5828176bf3b886

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
12/26/2024 11:54:25 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Pioneer-C
160327-1

AVG
Win32/Floxif.A
2015.0.4568

Dr.Web
Win32.FloodFix.7
9.0.1.05190

Emsisoft Anti-Malware
Win32.Floxif
16.05.17

ESET NOD32
Win32/Floxif.H virus
7.0.302.0

F-Prot
W32/Floxif.B
4.6.5.141

F-Secure
Win32.Floxif.A
5.15.21

Kaspersky
Virus.Win32.Pioneer
15.0.0.562

McAfee
Trojan.Dropper-FIY!597E05860E1E
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.219.1973.0

Norman
Win32.Floxif.A
02.04.2016 17:35:19

File size:
1.8 MB (1,915,125 bytes)

Product version:
1.3.27.13

Copyright:
Copyright 2007-2010 Google Inc.

Original file name:
EpicUpdateSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\epicsetup.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
12/28/2014 4:00:00 PM

Valid to:
12/29/2015 3:59:59 PM

Subject:
CN=Hidden Reflex Inc, O=Hidden Reflex Inc, POBox=20155, STREET=5744 Yewing Way, L=Gainesville, S=Virginia, PostalCode=20155, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
4A15F6D042503ABAD4B6F1D93DE4C455

File PE Metadata
Compilation timestamp:
3/1/2015 3:29:09 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:ZaECKpU/Q/bfFdUfIpUV+K3HOgubi/A6Rcz/:YEuQgMw+KRut6Rcb

Entry address:
0x1000

Entry point:
E9, F3, 3C, 01, 00, E8, 36, 03, 00, 00, E8, 11, 00, 00, 00, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 6A, FE, 68, 28, 26, 46, 00, 68, D0, 70, 40, 00, 64, A1, 00, 00, 00, 00, 50, 83, C4, 94, 53, 56, 57, A1, 78, 40, 46, 00, 31, 45, F8, 33, C5, 50, 8D, 45, F0, 64, A3, 00, 00, 00, 00, 89, 65, E8, C7, 45, 90, 00, 00, 00, 00, C7, 45, FC, 00, 00, 00, 00, 8D, 45, A0, 50, FF, 15, 84, 31, 45, 00, C7, 45, FC, FE, FF, FF, FF, EB, 26, B8, 01, 00, 00, 00, C3, 8B, 65, E8, C7...
 
[+]

Entropy:
7.8191

Packer / compiler:
Xtreme-Protector v1.05

Code size:
325.5 KB (333,312 bytes)

Remove epicsetup.exe - Powered by Reason Core Security