home

EVA.exe

EVA

The EdGCM Cooperative

Publisher:
The EdGCM Cooperative

Product:
EVA

Version:
1.6.6.0

MD5:
d6357f899acaa92e052759cc906b0aab

SHA-1:
b07bdc68ef54d54abf99a1c0ad361b89a5b70d66

SHA-256:
c72d54f0bbacb0a901a7a39cbd2777e3d6727dcf698ee44d387cc78eb66fc0be

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 11:56:34 AM UTC  (today)

File size:
8.9 MB (9,283,585 bytes)

Product version:
EVA

Copyright:
EdGCM Visualization App (EVA)

Original file name:
EVA.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\eva.exe

File PE Metadata
Compilation timestamp:
4/6/2006 4:14:20 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
3.0

CTPH (ssdeep):
196608:QcbC8btAagc67+uBYoevEvrSgmf/XitQOU:QcbC8bIxBYoevEvmgaXitQOU

Entry address:
0x1915F0

Entry point:
55, 89, E5, 6A, FF, 68, 78, F9, 63, 00, 68, 60, 28, 59, 00, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 50, 53, 83, EC, 48, 89, 65, EC, C7, 45, FC, 00, 00, 00, 00, 55, B8, FF, FF, FF, FF, 50, 50, 68, A0, 2A, 59, 00, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 83, EC, 20, 83, E4, E0, 68, 08, EB, 63, 00, E8, C9, 14, 00, 00, 59, E8, 33, 0F, 00, 00, 85, C0, 75, 08, 6A, FF, E8, C8, FA, FF, FF, 59, 68, 00, 00, 64, 00, E8, 9D, 18, 00, 00, 59, FF, 15, 40, 8B, 64, 00, 89, C3, 85, DB, 74, 06...
 
[+]

Entropy:
6.3242

Code size:
1.6 MB (1,650,176 bytes)

The file EVA.exe has been seen being distributed by the following URL.

http://edgcm.columbia.edu/.../EVA.exe

Scan EVA.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.