EzQ.exe

EzQ Engine 7.0

EZNIX Inc.

It is set to execute automatically when any user logs into Windows, through the all-users Run registry key (HKLM), under the entry name ‘DB Messenger’.
Publisher:
EZNIX. Inc (signed by EZNIX Inc.)

Product:
EzQ Engine 7.0

Version:
7.0.0.42

MD5:
0ef02eb8a777443699d9567e5d6be6a1

SHA-1:
a551d9e286a2fbcb8ff2a1a7267b22cf46fe4ea9

SHA-256:
82a1da9de1331d20eb182d89385b993c7b0f94a1077a5ea3a7d7c929ad3cffcd

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 9:47:11 PM UTC

File size:
11.2 MB (11,771,168 bytes)

Product version:
7.0.0.0

Copyright:
EZNIX. Inc

Trademarks:
EzQ Engine 7.0

Original file name:
EzQ.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
12/9/2014 9:00:00 AM

Valid to:
1/8/2017 8:59:59 AM

Subject:
CN=EZNIX Inc., O=EZNIX Inc., L=Gangnam-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
3F5F9AFDC3F125E68F8ED87D8379C5BA

File PE Metadata
Compilation timestamp:
3/18/2015 2:00:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x6461B8

Entry point:
55, 8B, EC, B9, 19, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, B8, D8, FF, A3, 00, E8, 95, 1F, 9C, FF, 33, C0, 55, 68, 67, 67, A4, 00, 64, FF, 30, 64, 89, 20, 8D, 55, EC, B8, 01, 00, 00, 00, E8, 66, D2, 9B, FF, 8B, 45, EC, BA, 80, 67, A4, 00, E8, 91, F9, 9B, FF, 0F, 85, E7, 00, 00, 00, A1, 34, 90, A6, 00, 8B, 00, E8, 43, 4E, A4, FF, A1, 34, 90, A6, 00, 8B, 00, BA, 90, 67, A4, 00, E8, EA, 48, A4, FF, 8D, 55, E0, A1, 34, 90, A6, 00, 8B, 00, E8, E3, 56, A4, FF, 8B, 45, E0, 8D, 55, E4, E8, 18, 69, 9C, FF...
 

Entropy:
6.5848

Developed / compiled with:
Microsoft Visual C++

Code size:
6.3 MB (6,574,080 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DB Messenger

Command:
"C:\db messenger\ezq.exe"

