epipwen64.exe

Ohiz Jatanecciihe Ug

The application epipwen64.exe by Ohiz Jatanecciihe Ug has been detected as a potentially unwanted program by 5 anti-malware scanners.
Publisher:
Ohiz Jatanecciihe Ug  (signed and verified)

MD5:
907b511c01ffa5f26f9e59888f0076e6

SHA-1:
faee5a0fb1b40f0c47cab32c1e41572c939c5fe2

SHA-256:
d8ea70714cc8e9e835d0d24bcd770e17345b99a59dc3de96eb544ce97dbcdf87

Scanner detections:
5 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 5:19:54 PM UTC

Scan engine | Detection | Engine version
avast! | Malware-gen | 150520-1
Dr.Web | Trojan.Lyrics.993 | 9.0.1.0193
ESET NOD32 | Win64/Adware.PennyBee (variant) | 9.11767
F-Secure | Application.Generic.1344055 | 11.2015-12-07_1
Reason Heuristics | PUP.Win.Reputation.OhizJatanecciiheUg | 15.7.11.21

File size:
300.5 KB (307,664 bytes)

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\adblocker\1.1.0.31\epipwen64.exe

Digital Signature
Authority:
Ohiz Jatanecciihe Ug

Valid from:
5/20/2015 9:25:57 PM

Valid to:
5/19/2016 9:25:57 PM

Subject:
CN=Tacd Iicuat, O=Ohiz Jatanecciihe Ug, L=Cinbadg, S=Tozpiskuil, C=US

Issuer:
CN=Leocbaad Boacm, O=Ohiz Jatanecciihe Ug, L=Cinbadg, S=Tozpiskuil, C=US

Serial number:
01

File PE Metadata
Compilation timestamp:
5/20/2015 9:30:22 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
6144:hmp//rwJSi4Y3pe/8VEtxYBpdNGTwkAU4cjp+/4a3fcTc4hg:G/rwJ5H3SLYdUa/4a3k52

Entry address:
0x1D8A0

Entry point:
48, 83, EC, 28, E8, DB, C3, 00, 00, 48, 83, C4, 28, E9, 76, FE, FF, FF, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 33, FF, 48, 8B, DA, 48, 8B, F1, 48, 85, D2, 74, 1D, 33, D2, 48, 8D, 47, E0, 48, F7, F3, 49, 3B, C0, 73, 0F, E8, E1, 08, 00, 00, C7, 00, 0C, 00, 00, 00, 33, C0, EB, 3D, 49, 0F, AF, D8, 48, 85, C9, 74, 08, E8, 29, 5E, 00, 00, 48, 8B, F8, 48, 8B, D3, 48, 8B, CE, E8, 2F, C4, 00, 00, 48, 8B, F0, 48, 85, C0, 74, 16, 48, 3B, FB, 73, 11, 48, 2B, DF, 48, 8D, 0C, 07, 33, D2, 4C...
 

Code size:
201.5 KB (206,336 bytes)
