apmwinsrv.exe

Paragon Software GmbH

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘apmwinapp’.
Publisher:
Paragon Software GmbH  (signed and verified)

MD5:
456de55406fd7496680db805d6c5c4e3

SHA-1:
117d6d3ab0ce9a0af08728ae3519a0f1d2f7f54e

SHA-256:
e1310f33adef3e9af747f0514074ffc16f06455c687be13ac511788859e53ce1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 7:05:16 AM UTC  (today)

File size:
65.2 KB (66,768 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\paragon software\hfs+ for windows 10.2\apmwinsrv.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
3/22/2013 9:00:00 AM

Valid to:
5/22/2014 8:59:59 AM

Subject:
CN=Paragon Software GmbH, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Paragon Software GmbH, L=Freiburg, S=Germany, C=DE

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6BE4677481C001C02863533EB40C5EC3

File PE Metadata
Compilation timestamp:
8/12/2013 11:40:23 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x1AB8

Entry point:
48, 83, EC, 28, E8, 33, 2B, 00, 00, 48, 83, C4, 28, E9, 12, FE, FF, FF, CC, CC, 48, 89, 4C, 24, 08, 48, 81, EC, 88, 00, 00, 00, 48, 8D, 0D, 21, DA, 00, 00, FF, 15, C3, 95, 00, 00, 4C, 8B, 1D, 0C, DB, 00, 00, 4C, 89, 5C, 24, 58, 45, 33, C0, 48, 8D, 54, 24, 60, 48, 8B, 4C, 24, 58, E8, F7, 82, 00, 00, 48, 89, 44, 24, 50, 48, 83, 7C, 24, 50, 00, 74, 41, 48, C7, 44, 24, 38, 00, 00, 00, 00, 48, 8D, 44, 24, 48, 48, 89, 44, 24, 30, 48, 8D, 44, 24, 40, 48, 89, 44, 24, 28, 48, 8D, 05, CC, D9, 00, 00, 48, 89, 44, 24...
 
[+]

Entropy:
6.1779

Code size:
36.5 KB (37,376 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
apmwinapp

Command:
C:\Program Files\paragon software\hfs+ for windows 10.2\apmwinsrv.exe param


Scan apmwinsrv.exe - Powered by Reason Core Security