epm.exe

EaseUS Partition Master

CHENGDU YIWO Tech Development Co., Ltd.

This is a setup and installation application.
Publisher:
EaseUS   (signed by CHENGDU YIWO Tech Development Co., Ltd.)

Product:
EaseUS Partition Master

Description:
EaseUS Partition Master Setup

Version:
10.0

MD5:
d51ab1393dcbd3d2f856ce94385d8392

SHA-1:
98eef6e1dd44ce2c4961fd51d1b7494d2fd11f06

SHA-256:
f8c1cff5977733054368fd9d0a0a08203da562909136c5f9d97748f271974997

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 10:47:12 AM UTC  (today)

File size:
37.6 MB (39,428,336 bytes)

Product version:
10.0

Copyright:
Copyright (c) 2004-2014 CHENGDU YIWO Tech Development Co., Ltd (YIWO Tech Ltd, for short).

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\epm.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
4/23/2012 3:00:00 AM

Valid to:
9/12/2014 2:59:59 AM

Subject:
CN="CHENGDU YIWO Tech Development Co., Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="CHENGDU YIWO Tech Development Co., Ltd.", L=Chengdu, S=Sichuan, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
33C34CCA6E6816B62B677D44B06835E5

File PE Metadata
Compilation timestamp:
10/9/2012 11:48:22 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
786432:Q0b4nxEbvBrdLDt1Eam+DtGHizBQoQ0iITi3ScwSfFNymelqP+Bs:XcnxEVxLDrLmnCxzTiwsLy3lq3

Entry address:
0xF3BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 64, ED, 40, 00, E8, E8, 71, FF, FF, 33, C0, 55, 68, 89, FA, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 45, FA, 40, 00, 64, FF, 32, 64, 89, 22, A1, 48, 3B, 41, 00, E8, BE, F7, FF, FF, E8, 65, F3, FF, FF, 8D, 55, EC, 33, C0, E8, F7, C3, FF, FF, 8B, 55, EC, B8, 4C, 66, 41, 00, E8, 6A, 58, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 4C, 66, 41, 00, B2, 01...
 
[+]

Entropy:
7.9999

Developed / compiled with:
Microsoft Visual C++

Code size:
59 KB (60,416 bytes)

The file epm.exe has been discovered within the following program.

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
 
Powered by Should I Remove It?

The file epm.exe has been seen being distributed by the following 10 URLs.

Scan epm.exe - Powered by Reason Core Security