home

fhsev.exe

Yulong Xie

It runs as a separate (within the context of its own process) windows Service named “FMSTSerPro”.
Publisher:
音乐通用检测报告  (signed by Yulong Xie)

Product:
音乐通用检测报告

Version:
1.0.0.0

MD5:
77b366aa90d19f273bb37fe9488f9531

SHA-1:
041373e74b8c5ce368a927cf61e72d477e792a49

SHA-256:
8c834580b22d3dd9fc704f3a1e310cdd7d6069600b8d21f4bea0b8b30f0af5ad

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 7:45:53 AM UTC  (today)

File size:
298.2 KB (305,312 bytes)

Product version:
1.0.0.0818 - 2

Copyright:
Copyright (C) 2014

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, China)

Common path:
C:\Program Files\fmol_201412040825\201412040825\fhsev.exe

Digital Signature
Signed by:
Yulong Xie

Authority:
WoSign CA Limited

Valid from:
11/13/2014 4:54:51 AM

Valid to:
11/13/2015 4:54:51 AM

Subject:
CN=Yulong Xie, L=Tengxian, S=Guangxi Zhuangzu Zizhiqu, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
3CCBA4D87FD47563CB4217984FC82331

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:N2iMN6U1kk//hUzEJuna1HlMfw0g8eBJ2Hz4TATkmobEKtZpJj6Ntk:Tg1NAa12YnUEUSbEKtZp56Ntk

Entry address:
0xB9AA0

Entry point:
68, 5A, 11, 4B, 00, E8, 7D, 4C, 00, 00, EF, 9D, CB, E2, 09, B1, CF, E7, F8, 01, 5E, 56, 66, 7A, 85, B1, A5, AA, F3, 55, DD, C8, 1C, 45, 6C, 74, CC, 3C, 60, 0D, 0D, DD, F1, 03, 4E, A8, 48, 8C, E8, 67, 61, 70, 62, C2, F4, 2D, 1E, 28, 47, 45, 88, C3, B7, D2, 33, 31, 8C, 80, 9D, 18, 9C, FE, 0F, 0C, 41, B4, 5D, AE, 90, 75, ED, 40, 24, FC, 65, 20, 4B, 91, 8E, C0, DD, DF, 34, 3F, 4D, 9E, 0D, 65, 7F, BC, DD, 65, 7F, 81, D2, 0D, 47, 54, 70, C2, 30, E8, 09, A9, 9B, A6, 02, 08, 27, 36, 2E, 54, 94, 70, CB, F4, 2A, D8...
 
[+]

Entropy:
7.8717  (probably packed)

Code size:
763.5 KB (781,824 bytes)

Service
Display name:
FMSTSerPro

Description:
ÒôÀÖͨÓüì²â±¨¸æ

Type:
Win32OwnProcess


Scan fhsev.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.