home

etschagent.exe

East-Tec Eraser

EAST-TEC S.R.L.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘East-Tec east-tec Eraser Scheduler Agent’.
Publisher:
East-Tec  (signed by EAST-TEC S.R.L.)

Product:
East-Tec Eraser

Description:
Sheduler Service Agent

Version:
1.0.0.1335

MD5:
a71f147efa01c957494480d39f90b167

SHA-1:
5e058413098dc2a0abbe3716f3f60de89f407279

SHA-256:
3abf3a6a33c3165e86b5e5b6b9d1b7d83bc82dc366b394a3782286cff3513ec0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/8/2024 10:45:40 AM UTC  (today)

File size:
2.1 MB (2,226,376 bytes)

Product version:
12.8.0.8301

Copyright:
Copyright © 1997-2016 East-Tec S.R.L.

Trademarks:
Trademark

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\east-tec eraser\etschagent.exe

Digital Signature
Signed by:
EAST-TEC S.R.L.

Authority:
COMODO CA Limited

Valid from:
10/15/2015 6:00:00 PM

Valid to:
10/15/2016 5:59:59 PM

Subject:
CN=EAST-TEC S.R.L., O=EAST-TEC S.R.L., STREET=Str. Balogh Istvan 17, L=Oradea, S=BIHOR, PostalCode=410283, C=RO

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
24C62CC7324E6542669BBFE5D1FA9231

File PE Metadata
Compilation timestamp:
6/29/2016 6:20:15 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:T/k11xR3ax5w1O/2uzqJbEIWIc1YKbbaSqajRBuSi87q9BhQ/sLzlkujr8yjxg:To1x9pwgoIDKiIRQSi87ilprjS

Entry address:
0x1E3770

Entry point:
55, 8B, EC, 83, C4, F0, 53, 56, B8, 7C, B2, 5D, 00, E8, D6, BC, E2, FF, 8B, 35, 90, 8F, 5E, 00, B8, 08, 38, 5E, 00, E8, 6A, 92, FE, FF, 8B, 06, E8, BB, F6, FD, FF, B8, 40, 38, 5E, 00, E8, 59, 92, FE, FF, B2, 01, A1, C4, CA, 5C, 00, E8, A5, 94, FE, FF, 8B, D8, B8, 9C, 38, 5E, 00, E8, 41, 92, FE, FF, EB, 22, 8B, 06, E8, 78, F5, FD, FF, B8, D4, 38, 5E, 00, E8, 2E, 92, FE, FF, 8B, C3, E8, F3, 96, FE, FF, 68, F4, 01, 00, 00, E8, F9, 01, E3, FF, 8B, 06, 80, B8, BC, 00, 00, 00, 00, 74, D3, B8, 1C, 39, 5E, 00, E8...
 
[+]

Entropy:
6.6232

Developed / compiled with:
Microsoft Visual C++

Code size:
1.9 MB (1,975,808 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
East-Tec east-tec Eraser Scheduler Agent

Command:
C:\Program Files\east-tec eraser\etschagent.exe


Scan etschagent.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.