home

idsccom_554.exe

The application idsccom_554.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘IDSCCOM554’. The file has been seen being downloaded from fybs.reebdloc.com.
MD5:
d74133a7d3a3c97242e77f96bf1aaebe

SHA-1:
97c0cb7ca7518b362a1fec0e64d0db37711e96e3

SHA-256:
dc96c60e7b31480d19f47d0715ee7a3a6a8fbe03a0586fd0b221111892d3eaf0

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 9:56:23 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Eorezo (M)
16.6.14.0

File size:
347 Bytes

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\easyhotspot\idsccom_554.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
6:qzmSOvDn7jAs9QVCQKm2aIUWEr/9HJ8MIM4mGvmQaYFeyQUYMWXz:kDuD7jD9QgQKDappl2MIM4mPQaYIyQ/F

Entry point:
3C, 68, 74, 6D, 6C, 3E, 3C, 62, 6F, 64, 79, 3E, 3C, 62, 3E, 54, 68, 65, 20, 70, 61, 67, 65, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 64, 69, 73, 70, 6C, 61, 79, 65, 64, 20, 62, 65, 63, 61, 75, 73, 65, 20, 61, 6E, 20, 69, 6E, 74, 65, 72, 6E, 61, 6C, 20, 73, 65, 72, 76, 65, 72, 20, 65, 72, 72, 6F, 72, 20, 68, 61, 73, 20, 6F, 63, 63, 75, 72, 72, 65, 64, 2E, 3C, 2F, 62, 3E, 3C, 73, 63, 72, 69, 70, 74, 3E, 76, 61, 72, 20, 67, 6C, 6F, 62, 61, 6C, 20, 3D, 20, 5B, 22, 31, 34, 41, 62, 47, 6C, 38, 78, 68, 72, 30...
 
[+]

Entropy:
5.2329

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
IDSCCOM554

Command:
"C:\Program Files\easyhotspot\idsccom_554.exe"


The file idsccom_554.exe has been seen being distributed by the following URL.

http://fybs.reebdloc.com/zn/.../Setup.exe

Remove idsccom_554.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.