atieclxx.exe

MD5 Hash: afbdbb63647950cea9b48f1e7128dc80
SHA256 Hash: 8da9f6a650f2f5d58f102e20720404ad87008669652e785b9ab6857ebe733bc3
File size: 487936 bytes (477 KB.)
Last analysis: 03 Jul, 2018 13:20:28

Analysis MD5: afbdbb63647950cea9b48f1e7128dc80

Analysis of the file classifies it as a class A (Safe). The file is safe to use. The trust index of this analysis is 73 % (high).

A
B
C
D+
D
D-
E+
E
E-
F

Description

atieclxx.exe is a ATI Controlpanel. It is part of the application ATi Graphiccard drivers, developed by AMD. This file is responsible for a hardware piece in your system. It offers additional configuration options and support for this device

Filename: atieclxx.exe (ATI Controlpanel)
Threat analysis: Safe
Analysis trust:
73%
Recent activity:
First seen: 14 Feb, 2014
Last seen: 14 Feb, 2014
Last analysis: 03 Jul, 2018
Possible infection: Clean

atieclxx.exe ATI Controlpanel

Application: ATi Graphiccard drivers
Developer: AMD
Stability:
85%
File version: 6.14.11.1161
File size: 487936 bytes (477 KB.)
Recent activity:
Historic activity:
CRC32 hash: 2006046649
MD5 hash: afbdbb63647950cea9b48f1e7128dc80
SHA1 hash: aecd0a9e2c5c1e07b77f797dd725d772a8dda0e5
SHA256 hash: 8da9f6a650f2f5d58f102e20720404ad87008669652e785b9ab6857ebe733bc3
B

Signature verification

Unsigned

This file has no digital signature. The publisher of this file could not be verified.

Publisher n/a
Product AMD External Events
Description AMD External Events Client Module
Signingdate 0000-00-00 00:00:00
D+

File entropy

File entropy match: Encrypted

Parts of this file are encrypted. The reasons might be benign but it makes the analysis more difficult.

| 0 b.487936 b. |
Plain Data Text Code Compressed Encrypted Random

File signature

Executable file

An executable file causes a computer "to perform indicated tasks according to encoded instructions," as opposed to a data file that must be parsed by a program to be meaningful.

The determination of a file type is done with a signature or magic-numbers. Files are identified using by comparing the first set of bytes in the file header. Using this method type of files are recognised no matter the extension used. This information is useful to for example recognise executable files cloaked as images or movies.


A

Malicious code scan

No malicious code found

Agics makes een analysis of the source code of the file. We look for comparisons with known malicious source code. This is a good way to detect new malicious files which are in fact variations of existing, and known malicious files.

Scan results:

0 %

A

Online virus scanners

Detection ration:

0 %
A

VirusShare.com

Not available on virusshare.com

VirusShare.com is a repository of malware samples to provide security researchers, incident responders, forensic analysts, and the morbidly curious access to samples of live malicious code. Presence of the sample on this site indicates that the file is (Once considered) being malicious.
Website: virusshare.com
B

National Software Reference Library

Not on the nsrl list

The NSRL contains a collection of digital signatures of known, traceable software applications. There are application hash values in the hash set which may be considered malicious, i.e. steganography tools and hacking scripts.
Website: www.nsrl.nist.gov

B

Behaviour

Sandbox behaviour analysis:

The file is executed in a safe environment to track its behaviour. The behaviour analysis can help with detecting new malware which is not recognized by virusscanners yet. However it has a high chance on a false-positive, especially with installers, uninstallers and virusscanners.

Network activity

No internet connection

Dropped files

File name md5

A

Import hashing

Imphash 627c26a9dfe9c6955cb3ca41512765bd

Fingerprinting files can be done in various way. One way is to make a hash of the PE Imports. PE Imports are relative unique and this is a great way to find new variants of existing malware. The chance of false-positives is relative high. The resulting hash is often called an imphash.

0% Match0% Match
C

Statistic analysis

Statistic analysis of the file

Deviates from other files with the same name (imitation)
No certificate
Other files with the same name do not have a certificate as well
This is not a common file
B

Neural network analysis

Analysis: Low risk

A neural network is a type of artificial intelligence. It recognized patterns nog clear for a human viewer. Our neural network is surprisingly accurate in recognizing dangerous files. The value below is the predicted chance the file is malicious.

6%6 %

?

User feedback

Read feedback on this file from other users. Help other users by providing feedback yourself.

You can earn reputation points !

You are currently not logged in. Login, or Create an account

Feedback users:

There has been no user feedback provided yet.
You are not logged in. Only registered users can provide feedback. Login and help other users.

Login Create an account