The EaseUS Partition Master Trial Edition (EaseUS Partition Master Trial Edition Setup ) EaseUS File Malware Analysis

The EaseUS Partition Master Trial Edition (EaseUS Partition Master Trial Edition Setup ) File Analysis

Updated 1 year ago

Checked by Malware Check

uploaded

Hash Type	Value	Action
MD5	c16b25372eb745cdf0d839ac9d940542
SHA1	719d404e15f0d8dcba5a1f822a485d2a31c46c26
SHA256	0d6661a2dc733e1b534eeeb183c030dcf95694cae108e3f27ab835d4b8b68df0
SHA512	00fb142a9b6231f8cf2cc6903fd82ee06073628670a3e2070c3e4b8d691b2b8856226f8896cc85f5f8a667bfa30ce2da47b6afb13abb766e241515ddd43e94f6
ImpHash	48aa5c8931746a9655524f67b25a47ef

Hash Type

Value

Action

MD5

c16b25372eb745cdf0d839ac9d940542

SHA1

719d404e15f0d8dcba5a1f822a485d2a31c46c26

SHA256

0d6661a2dc733e1b534eeeb183c030dcf95694cae108e3f27ab835d4b8b68df0

SHA512

00fb142a9b6231f8cf2cc6903fd82ee06073628670a3e2070c3e4b8d691b2b8856226f8896cc85f5f8a667bfa30ce2da47b6afb13abb766e241515ddd43e94f6

ImpHash

48aa5c8931746a9655524f67b25a47ef

PE Analysis

Basic Information

▼

Icon	Hash: 2571a7a924b1ee0e829979dc61d60f4c Fuzzy: 8b9ba92d5a30e02715950d4746bff8e7 dHash: f8e0e8aafc9af870
Image Base	`0x00400000`
Entry Point	`0x004113bc`
Compilation Time	2016-01-13 09:56:49
Checksum	0x02ca2d19 (Actual: 0x02ca2d19)
OS Version	5.0
PEiD Signatures	`PE32 executable (GUI) Intel 80386, for MS Windows`
Digital Signature	Chain verification from CN=Chengdu Yiwo Tech Development Co.\, Ltd., OU=it, O=Chengdu Yiwo Tech Development Co.\, Ltd., L=Chengdu, ST=Sichuan, C=CN, 2.5.4.5=91510107765360104N, 2.5.4.15=Private Organization, 1.3.6.1.4.1.311.60.2.1.1=Wuhou, 1.3.6.1.4.1.311.60.2.1.2=Sichuan, 1.3.6.1.4.1.311.60.2.1.3=CN (serial:54168318424472068129976366167068720904, sha1:c44d04767c819f9572a2e3eca21ad4b5ebe98400) failed: The path could not be validated because the end-entity certificate expired 2021-12-02 23:59:59Z
Imports	5 libraries oleaut32, advapi32, user32, kernel32, comctl32
Exports	0 functions
Resources	23 Resources
Sections	8 Sections

Digital Signatures

▼

DigiCert Assured ID Code Signing CA-1	CHENGDU YIWO Tech Development Co., Ltd. (CN)
DigiCert Assured ID Root CA	DigiCert Inc (US)

Version Information

▼

Comments	This installation was built with Inno Setup.
CompanyName	EaseUS
FileDescription	EaseUS Partition Master Trial Edition Setup
FileVersion	15.5
LegalCopyright	Copyright (c) 2004-2020 CHENGDU YIWO Tech Development Co., Ltd (YIWO Tech Ltd, for short).
ProductName	EaseUS Partition Master Trial Edition
ProductVersion	15.5
Translation	0x0000 0x04b0

PE Sections

▼

Name	Virtual Address	Virtual Size	Raw Size	Entropy	Characteristics	MD5
`.text`	`0x00001000`	61,748 bytes	61,952 bytes	6.39 (Normal)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ`	`1A600BBD86F701D3E6B2978B57906082`
`.itext`	`0x00011000`	2,884 bytes	3,072 bytes	5.74 (Normal)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ`	`0B6F227AFA44FD825F60BCCACB9073BF`
`.data`	`0x00012000`	3,208 bytes	3,584 bytes	2.25 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`DA9CB156B6104BA552CB70804B8A50A3`
`.bss`	`0x00013000`	22,200 bytes	0 bytes	0.00 (Normal)	`IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`D41D8CD98F00B204E9800998ECF8427E`
`.idata`	`0x00019000`	3,536 bytes	3,584 bytes	4.97 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`93D91A2B90E60BD758FC0C4908856AE1`
`.tls`	`0x0001a000`	8 bytes	0 bytes	0.00 (Normal)	`IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`D41D8CD98F00B204E9800998ECF8427E`
`.rdata`	`0x0001b000`	24 bytes	512 bytes	0.20 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`3DFFC444CCC131C9DCEE18DB49EE6403`
`.rsrc`	`0x0001c000`	86,000 bytes	86,016 bytes	5.78 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`5E81D58117192657A84A730A9F91DCFD`

Resource Analysis

▼

Total Resources: 23 (84,658 bytes)

Resource Type	Count	Total Size	Percentage
RT_ICON	10	45,088 bytes	53.3%
RT_STRING	6	2,668 bytes	3.2%
RT_RCDATA	4	33,908 bytes	40.1%
RT_GROUP_ICON	1	146 bytes	0.2%
RT_VERSION	1	1,268 bytes	1.5%
RT_MANIFEST	1	1,580 bytes	1.9%

Certificate Chain Analysis

▼

Certificate #1

Subject	CHENGDU YIWO Tech Development Co., Ltd. CHENGDU YIWO Tech Development Co., Ltd. CN
Issuer	DigiCert Assured ID Code Signing CA-1
Serial Number	`8675947774853925018997773188483443200`

Certificate #2

Subject	DigiCert Assured ID Code Signing CA-1 DigiCert Inc US
Issuer	DigiCert Assured ID Root CA
Serial Number	`20812206907036738015322008881189383613`

Certificate Verification Status

Chain verification from CN=Chengdu Yiwo Tech Development Co.\, Ltd., OU=it, O=Chengdu Yiwo Tech Development Co.\, Ltd., L=Chengdu, ST=Sichuan, C=CN, 2.5.4.5=91510107765360104N, 2.5.4.15=Private Organization, 1.3.6.1.4.1.311.60.2.1.1=Wuhou, 1.3.6.1.4.1.311.60.2.1.2=Sichuan, 1.3.6.1.4.1.311.60.2.1.3=CN (serial:54168318424472068129976366167068720904, sha1:c44d04767c819f9572a2e3eca21ad4b5ebe98400) failed: The path could not be validated because the end-entity certificate expired 2021-12-02 23:59:59Z

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

File Name	uploaded
File Type	PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version	1.0.139.174
Database Version	2023-09-25 00:01:38 UTC

The EaseUS Partition Master Trial Edition (EaseUS Partition Master Trial Edition Setup ) File Analysis

Technical Analysis

Clean File

Scan Another File

File Identification