home

parsetaskservices.exe

杜锋

It runs as a windows Service named “TaskServices”.
Publisher:
ParseTaskServices  (signed by 杜锋)

Product:
ParseTaskServices

Description:
搜影大师更新服务

Version:
2.0.1.136

MD5:
f9a05399289f9946307ebc29f53eb0bb

SHA-1:
08e4ba9b8e2fbf5c3c0d912ddb8fef5371da58c4

SHA-256:
a1673204891f2255426c2472ef5486e010c598b880a797c1bf88763eccc2142a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 12:55:29 PM UTC  (today)

File size:
122.2 KB (125,088 bytes)

Product version:
2.0.1.136

Copyright:
Copyright (C) 2014

Original file name:
ParseTas.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\users\{user}\appdata\roaming\parsetaskservices\parsetaskservices.exe

Digital Signature
Signed by:
杜锋

Authority:
WoSign CA Limited

Valid from:
10/11/2014 1:59:20 AM

Valid to:
10/11/2015 1:59:20 AM

Subject:
CN=杜锋, E=43434019@qq.com, L=泾川县, S=甘肃省, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
6F545F576E019D85EBF95A8B0C2CAEF5

File PE Metadata
Compilation timestamp:
12/13/2014 7:07:01 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
1536:rsUoRvrb0HVoquwoUX9gnmHnZ+EcLGsWjcdI8l+U6kPhwqmGX8Njba0:rsUoJYHeUbtChpI8l+U6kPhwqtX8J

Entry address:
0x555C

Entry point:
E8, 9A, 42, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, D8, 99, 41, 00, E8, DE, 1A, 00, 00, E8, E3, 11, 00, 00, 0F, B7, F0, 6A, 02, E8, 2D, 42, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, EC, 39, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Entropy:
6.4914

Code size:
70 KB (71,680 bytes)

Service
Display name:
TaskServices

Type:
Win32OwnProcess, InteractiveProcess


Scan parsetaskservices.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.