bhsev.exe

SHENGJUGUANG ONLINE INFORMATION TECHNOLOGY CO., LTD

The application bhsev.exe by SHENGJUGUANG ONLINE INFORMATION TECHNOLOGY CO. has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
便压通用检测报告  (signed by SHENGJUGUANG ONLINE INFORMATION TECHNOLOGY CO., LTD)

Product:
便压通用检测报告

Version:
1.0.0.0

MD5:
4ce86cb3d6b38e50f7db22dc032998e9

SHA-1:
bdaa5cbde63a98fcdf78150bd39f865b34d71e4b

SHA-256:
05cf66e2d56b7c130c8d281da0d9941dfd4adc789f7b5a8efcf233fa329e91e9

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/18/2024 12:52:33 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.SHENGJUG (M)

Engine version:
16.7.4.19

File size:
298.3 KB (305,456 bytes)

Product version:
1.0.0.0818 - 2

Copyright:
Copyright (C) 2014

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\bianya2\201408201743\bhsev.exe

Digital Signature
Authority:
WoSign CA Limited

Valid from:
8/18/2014 11:57:45 AM

Valid to:
8/18/2015 11:57:45 AM

Subject:
CN="SHENGJUGUANG ONLINE INFORMATION TECHNOLOGY CO., LTD", E=kvzy126@qq.com, O="SHENGJUGUANG ONLINE INFORMATION TECHNOLOGY CO., LTD", L=Nanning, S=Guangxi Zhuangzu Zizhiqu, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
638EE520CBA58047BC1DFA9563FC24F8

File PE Metadata
Compilation timestamp:
6/20/1992 7:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:Emyg3zezST7iPUBJFaV2HqlB/pW+tqsbLQjxzD7k0zCr9xlIw8N8Kh/5:YseAiMVmEqXRl8samThIwJ25

Entry address:
0xB6180

Entry point:
68, A3, D5, E7, 8F, E8, A1, 87, 00, 00, 00, 00, 47, 65, 74, 50, 61, 6C, 65, 74, 74, 65, 45, 6E, 74, 72, 69, 65, 73, 00, 7C, 29, D8, 64, B0, 6B, B0, A7, 59, E0, 50, A0, E2, 5B, 8B, 8C, 3C, 37, CD, 5F, 3B, C8, 37, 75, C1, D8, 8C, A0, F3, E0, 54, 08, 50, 83, EB, 32, E9, 22, 6A, C5, D9, BE, E8, 7D, 67, 34, 0A, FF, 2B, 0B, D8, 87, DD, 1F, 2B, 4C, 7A, 69, 6D, 0F, B5, DE, FB, B4, 9B, 67, 16, E7, 90, BC, 64, 7F, EF, 83, E1, 33, 40, 54, 68, 44, 6E, BF, 58, F5, 97, 1B, C8, A4, 5F, F0, 7D, 4C, 7A, 69, B3, 98, 37, 9F...

Entropy:
7.8594  (probably packed)

Code size:
763.5 KB (781,824 bytes)
