ffeuter.exe

Xin Zhou

The application ffeuter.exe by Xin Zhou has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Xin Zhou  (signed and verified)

MD5:
d32e59f7406c2d04de03512d8aefca6d

SHA-1:
aca4d50aaddbd1e9ff8be16c4f072f5c3ac75511

SHA-256:
1232d4e7d6d8a73bd330f724322d76fa75eee899cc0fe01308423baf3984b947

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 12:28:19 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.XinZhou (M)
16.4.22.19

File size:
587.7 KB (601,848 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\yesbnd\ffeuter.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
4/19/2016 5:30:00 AM

Valid to:
3/23/2017 5:29:59 AM

Subject:
CN=Xin Zhou, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
4CEAF4F1B7C2E1B181B9A1ED937F62A8

File PE Metadata
Compilation timestamp:
4/19/2016 8:06:42 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:DamHibZUFaJ8qzwr9vwLMqMtaFViRb9ZnzzWVsv9uB7TyNIWTs5T7A8w:Dq2FabwVwgtPfnzKS9JT+T7vw

Entry address:
0x373B4

Entry point:
E8, 2F, 67, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 5D, E9, 88, 6C, 00, 00, 55, 8B, EC, 56, 8B, 75, 08, 83, FE, E0, 77, 6F, 53, 57, A1, C0, CD, 48, 00, 85, C0, 75, 1D, E8, 9E, 64, 00, 00, 6A, 1E, E8, F4, 64, 00, 00, 68, FF, 00, 00, 00, E8, D5, 2F, 00, 00, A1, C0, CD, 48, 00, 59, 59, 85, F6, 74, 04, 8B, CE, EB, 03, 33, C9, 41, 51, 6A, 00, 50, FF, 15, 64, 21, 47, 00, 8B, F8, 85, FF, 75, 26, 6A, 0C, 5B, 39, 05, 1C, D7, 48, 00, 74, 0D, 56, E8, 47, 5C, 00, 00, 59, 85, C0, 75, A9, EB, 07, E8, 90, 11, 00, 00, 89...
 
[+]

Entropy:
6.6027

Code size:
448.5 KB (459,264 bytes)

Remove ffeuter.exe - Powered by Reason Core Security