appsvc.exe

The executable appsvc.exe has been detected as malware by 28 anti-virus scanners.
Version:
0.0.0.0

MD5:
a41ef5e5cbf06414f35705f572c9ecb1

SHA-1:
b2167dad1e6245d28f7aa9856050b41e1a003846

SHA-256:
e0409789b953343e9a8559c8aea8f8915dbc7af083919bcf2bb210204a4c906e

Scanner detections:
28 / 68

Status:
Malware

Analysis date:
4/18/2024 2:53:01 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Trojan.Heur.DNP.rm0@a43AKAo | 435 |
| Agnitum Outpost | Trojan.Agent | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Agent | 15.11.27 |
| Avira AntiVirus | TR/Dropper.A.23516 | 7.11.142.74 |
| avast! | MSIL:Agent-BAO [Trj] | 2014.9-151127 |
| AVG | Inject2 | 2016.0.2913 |
| Baidu Antivirus | Trojan.Win32.Agent | 4.0.3.151127 |
| Bitdefender | Gen:Trojan.Heur.DNP.rm0@a43AKAo | 1.0.20.1655 |
| Bkav FE | W32.DiztakunKazyC.Trojan | 1.3.0.4959 |
| Dr.Web | Trojan.DownLoader9.28526 | 9.0.1.0331 |
| Emsisoft Anti-Malware | Gen:Trojan.Heur.DNP.rm0@a43AKAo | 8.15.11.27.04 |
| ESET NOD32 | MSIL/Agent.NT (variant) | 9.9658 |
| Fortinet FortiGate | W32/Agent.AFLMK!tr | 11/27/2015 |
| F-Prot | W32/A-ed033535 | v6.4.7.1.166 |
| F-Secure | Gen:Trojan.Heur.DNP.rm0@a43AKAo | 11.2015-27-11_6 |
| G Data | Gen:Trojan.Heur.DNP.rm0@a43AKAo | 15.11.24 |
| IKARUS anti.virus | Trojan.Inject2 | t3scan.1.6.1.0 |
| Kaspersky | Trojan.Win32.Agent | 14.0.0.1059 |
| Malwarebytes | Backdoor.MSIL.P | v2015.11.27.04 |
| McAfee | Artemis!A41EF5E5CBF0 | 5600.6569 |
| MicroWorld eScan | Gen:Trojan.Heur.DNP.rm0@a43AKAo | 16.0.0.993 |
| Panda Antivirus | Generic Malware | 15.11.27.04 |
| Sophos | Troj/DotNet-F | 4.98 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Injector | 9483 |
| Trend Micro House Call | TROJ_GEN.R021C0RD814 | 7.2.331 |
| Trend Micro | TROJ_GEN.R021C0RD814 | 10.465.27 |
| Vba32 AntiVirus | Trojan.Agent.aflmk | 3.12.26.0 |
| VIPRE Antivirus | Trojan.Win32.Generic | 28178 |

File size:
284.5 KB (291,328 bytes)

Product version:
0.0.0.0

Original file name:
hi.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\windows\syswow64\application services\appsvc.exe

File PE Metadata
Compilation timestamp:
2/23/2014 5:56:54 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:4SrC1W7yNpCRcPMNeN+cP856v6z/7A012XbYkmq3X8sjcb:eGR+A6v6z/Mekmqt

Entry address:
0x4872E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
6.7467

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
282 KB (288,768 bytes)
