home

ezcddax.exe

Easy CD-DA Extractor

Poikosoft

The application ezcddax.exe by Poikosoft has been detected as a potentially unwanted program by 10 anti-malware scanners.
Publisher:
Poikosoft  (signed and verified)

Product:
Easy CD-DA Extractor

Version:
2010.2.0.0

MD5:
b20dcce805bb907558ccfc929bf0d2f0

SHA-1:
c5e67a5a6d04bbd1b42a1e49cb87dedeb3397863

Scanner detections:
10 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 10:06:52 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/ZProtect
7.1.1

AVG
Fat-Obfuscated
2017.0.2694

Fortinet FortiGate
W32/Redosdru.ID!tr
7/3/2016

F-Secure
Packed:W32/PeCan.A
11.2016-03-07_1

IKARUS anti.virus
possible-Threat.Crack.EZCDDA
t3scan.1.8.9.0

K7 AntiVirus
Trojan
13.202.15641

McAfee
Artemis!B20DCCE805BB
5600.6350

Norman
Redosdru.LS
11.20160703

Trend Micro House Call
TROJ_GEN.R047B01AL15
7.2.185

VIPRE Antivirus
Trojan-Dropper.Win32.Resdro.b
39486

File size:
3.8 MB (4,026,168 bytes)

Product version:
2010.2.0.0

Copyright:
Copyright 1998 - 2010 Jukka Poikolainen & Poikosoft

Trademarks:
Poikosoft and Easy CD-DA Extractor are registered trademarks of Poikosoft

Original file name:
ezcddax.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\easy cd-da extractor 2010 v2010.2 ultimate\easy cd-da extractor\virtual\modified\@programfiles@\easy cd-da extractor 2010\ezcddax.exe

Digital Signature
Signed by:
Poikosoft

Authority:
The USERTRUST Network

Valid from:
12/30/2009 1:00:00 AM

Valid to:
12/30/2012 12:59:59 AM

Subject:
CN=Poikosoft, O=Poikosoft, STREET=Kivitaltankatu 5 E 9, L=Tampere, S=n/a, PostalCode=33560, C=FI

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
3342B39AF717A717A79F45ABBF4D578A

File PE Metadata
Compilation timestamp:
9/10/1987 8:27:18 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
83.82

CTPH (ssdeep):
98304:UOZMsRgokfoONGgd3h5yUASX33ttOKpTUzn:U814QONV5yzg39tOKpTUzn

Entry address:
0x8F9596

Entry point:
E8, 02, 00, 00, 00, AA, D9, 87, 3C, 24, 8D, BF, DB, FF, FF, FF, 87, 3C, 24, E9, C8, FF, FF, FF, A2, 05, C3, E9, 59, FE, FF, FF, 0F, 83, 03, 05, 00, 00, E9, D1, 02, 00, 00, 8A, 1B, E9, 04, 04, 00, 00, DE, 4C, 71, E8, 02, 00, 00, 00, B2, 29, 87, 34, 24, 8D, B6, B9, FA, FF, FF, 87, 34, 24, E9, A6, FA, FF, FF, 0B, 21, E9, 64, 05, 00, 00, 1B, D2, E9, 71, FD, FF, FF, B4, 2E, 01, 84, DB, E9, 30, FC, FF, FF, F0, C5, C7, 45, E8, 6C, 6C, 6F, 63, E9, 43, FA, FF, FF, 57, 2B, E9, 85, 01, 00, 00, 48, E9, D7, FD, FF, FF...
 
[+]

Code size:
704 KB (720,896 bytes)

Remove ezcddax.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.