FHL-BH-Editor.exe

FHL-BH-Editor

MyFHL

This is a setup program which is used to install the application. The file has been seen being downloaded from dc739.4shared.com and multiple other hosts.
Publisher:
MyFHL

Product:
FHL-BH-Editor

Version:
5.0.0.2

MD5:
c2c4926bb9c54285858432af51903d1f

SHA-1:
b547e9cfd855bd8a7b221909ba772927cba81aa9

SHA-256:
08fe7ccbcb40669360f93aa7eb48894de1255b73f6a0bad8c01ce3f98b6a4e09

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/29/2024 9:00:52 AM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1015

File size:
324 KB (331,776 bytes)

Product version:
5.0.0.2

Copyright:
Copyright © Bernd - http://editing.myfhl.de

Original file name:
FHL-BH-Editor.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\fhl-bh-editor.exe

File PE Metadata
Compilation timestamp:
12/19/2014 3:30:08 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:0CcxZq1DxYt8Y9Fe/BxMIxZq1DxYt8Y9Fe/B:vcxPTwxMIxPTw

Entry address:
0x2F68E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
182 KB (186,368 bytes)

The file FHL-BH-Editor.exe has been discovered within the following program.

About 7% of users remove it
 
Powered by Should I Remove It?

The file FHL-BH-Editor.exe has been seen being distributed by the following 3 URLs.

Scan FHL-BH-Editor.exe - Powered by Reason Core Security