EpmNews.exe

EaseUS Partition Master Free Edition

CHENGDU YIWO Tech Development Co., Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘EaseUS EPM tray’.
Publisher:
CHENGDU YIWO Tech Development Co., Ltd  (signed by CHENGDU YIWO Tech Development Co., Ltd.)

Product:
EaseUS Partition Master Free Edition

Description:
EaseUS Partition Master Free Edition Application

Version:
10.8.0.0

MD5:
f43d3c9824582b928522cb2431a154d8

SHA-1:
5fcdde0ca323301ebe7668ce0c5172ed0f352f2d

SHA-256:
a2eebfc2040954d34400f68f6bc0c05890dbfc966640d87618d633141095987f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/26/2024 10:09:45 PM UTC  (today)

File size:
2.1 MB (2,167,335 bytes)

Product version:
10.8.0.0

Copyright:
Copyright (C) 2004-2015

Original file name:
EpmNews.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\easeus\easeus partition master 10.8\bin\epmnews.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
9/3/2014 6:00:00 AM

Valid to:
10/3/2017 5:59:59 AM

Subject:
CN="CHENGDU YIWO Tech Development Co., Ltd.", OU=IT, O="CHENGDU YIWO Tech Development Co., Ltd.", L=Chengdu, S=Sichuan, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7F86B44C3EFB81FAC8C8B67058054F6A

File PE Metadata
Compilation timestamp:
9/16/2015 11:02:39 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x1050A7

Entry point:
E9, 00, 3A, FD, FF, E9, 79, FE, FF, FF, 3B, 0D, 44, 98, 57, 00, 75, 02, F3, C3, E9, B3, 72, 00, 00, 8B, FF, 51, C7, 01, 4C, 3C, 55, 00, E8, AB, 73, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, F1, E8, E3, FF, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, D1, 10, F0, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 83, C1, 09, 51, 83, C0, 09, 50, E8, EA, 73, 00, 00, F7, D8, 59, 1B, C0, 59, 40, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 56, 8B, 75, 14, 57, 33, FF, 3B, F7, 75, 04, 33, C0, EB, 65, 39, 7D...
 
[+]

Entropy:
6.8145

Packer / compiler:
Xtreme-Protector v1.05

Code size:
1.2 MB (1,231,360 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
EaseUS EPM tray

Command:
C:\Program Files\easeus\easeus partition master 10.8\bin\epmnews.exe


Scan EpmNews.exe - Powered by Reason Core Security