» ezcddax.exe
Overview
Analysis
File Details
Behaviors (1)

ezcddax.exe

Easy CD-DA Extractor

Poikosoft

The application ezcddax.exe by Poikosoft has been detected as a potentially unwanted program by 12 anti-malware scanners.

File name:

ezcddax.exe

Publisher:

Poikosoft (signed and verified)

Product:

Easy CD-DA Extractor

Version:

2011.0.0.0

MD5:

1f24a97f2529eb5dc48ef52993160029

SHA-1:

93af1c1608e529996b78849eabd30e6ac4c89b3f

SHA-256:

c8af9deba684f204224c63b62d650a4a06e440d9f2f67c649461516b32318a13

Scanner detections:

12 / 68

Status:

Potentially unwanted

Analysis date:

11/5/2024 10:14:22 PM UTC (today)

Scan engine

Detection

Engine version

AVG

Fat-Obfuscated

2017.0.2516

Comodo Security

UnclassifiedMalware

11845

Emsisoft Anti-Malware

Backdoor.Win32.SdBot!IK

8.16.12.28.11

F-Secure

Packed:W32/PeCan.A

11.2016-28-12_4

IKARUS anti.virus

Backdoor.Win32.SdBot

t3scan.1.1.118.0

K7 AntiVirus

Trojan

13.133.6465

McAfee

Artemis!1F24A97F2529

5600.6172

Norman

W32/Redosdru.LS

11.20161228

Sophos

Sus/UnkPacker

4.73 TP

Trend Micro House Call

Mal_Xed-3

7.2.363

Trend Micro

Mal_Xed-3

10.465.28

VIPRE Antivirus

Trojan-Dropper.Win32.Resdro.b

11687

File size:

3.8 MB (3,981,112 bytes)

Product version:

2011.0.0.0

Trademarks:

Poikosoft and Easy CD-DA Extractor are registered trademarks of Poikosoft

Original file name:

ezcddax.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\easy cd-da extractor 2011\ezcddax.exe

Digital Signature

Signed by:

Poikosoft

Authority:

The USERTRUST Network

Valid from:

12/30/2009 1:00:00 AM

Valid to:

12/30/2012 12:59:59 AM

Subject:

CN=Poikosoft, O=Poikosoft, STREET=Kivitaltankatu 5 E 9, L=Tampere, S=n/a, PostalCode=33560, C=FI

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

3342B39AF717A717A79F45ABBF4D578A

File PE Metadata

Compilation timestamp:

9/10/1987 8:27:18 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

83.82

Entry address:

0x8C4ABD

Entry point:

E8, 01, 00, 00, 00, 0B, 87, 14, 24, 8D, 92, E7, FB, FF, FF, 87, 14, 24, E9, D5, FB, FF, FF, F1, 01, 36, E9, 24, F5, FF, FF, 66, 39, 08, E9, 65, FA, FF, FF, 6A, 27, 42, AC, E9, B9, F5, FF, FF, 45, B0, 00, 00, 00, 00, 00, 0F, 85, 15, FA, FF, FF, E9, 1F, FB, FF, FF, 3A, 1A, E9, 21, FB, FF, FF, CD, 28, A3, BE, 0F, 85, 5B, F6, FF, FF, E9, 16, F6, FF, FF, 84, DB, E9, 61, 00, 00, 00, 45, 85, 3F, D2, E8, 01, 00, 00, 00, B0, 87, 34, 24, 8D, B6, 13, FD, FF, FF, 87, 34, 24, E9, A8, F8, FF, FF, CD, 84, 07, 57, E9, 36... 
[+]

Code size:

708 KB (724,992 bytes)

Autoplay Handler

Display name:

EZCDDAXAutoPlayAudioCD

Remove ezcddax.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.