home

Feihuo Movie.exe

Feihuo Movie

Shangrao Yuwang Technology Co., Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘·É»ðÊÓƵ’.
Publisher:
Microsoft  (signed by Shangrao Yuwang Technology Co., Ltd.)

Product:
Feihuo Movie

Version:
2.00.0114

MD5:
e731e85c44f2f55189aa48c2e76db10f

SHA-1:
01da03cc862b1596ca1bbecb82ff872b43fcc728

SHA-256:
c2b6ceebabd009a3269ef991bdd7770a5467a12d028a13890e12e6c96e065721

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 2:55:04 AM UTC  (today)

File size:
571.8 KB (585,520 bytes)

Product version:
2.00.0114

Original file name:
Feihuo Movie.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\·é»ðêóæµ\feihuo movie.exe

Digital Signature
Signed by:
Shangrao Yuwang Technology Co., Ltd.

Authority:
WoSign eCommerce Services Limited

Valid from:
3/20/2013 1:27:07 AM

Valid to:
3/22/2014 8:31:32 AM

Subject:
E=cq198@sina.com, CN="Shangrao Yuwang Technology Co., Ltd.", O="Shangrao Yuwang Technology Co., Ltd.", L=Shangrao, S=Jiangxi, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
22F387FECA36D7

File PE Metadata
Compilation timestamp:
8/5/2013 10:02:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:BNZYeHNmJSEjPbh713bA7E/EqMKEgmX4SFfaWAfzTIUfL/AJnsxddp6wVm5omKIc:yeWjPl7elqLEgmX4StVznsZp6wVm6mK

Entry address:
0x4ACC

Entry point:
68, C4, 4D, 40, 00, E8, F0, FF, FF, FF, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, BF, F6, 89, D1, 9A, 72, 0F, 49, 81, 1B, 93, D4, 57, F2, D5, 5E, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 2D, 43, 30, 30, 30, 2D, 46, 65, 69, 68, 75, 6F, 4D, 6F, 76, 69, 65, 00, 7D, 23, 32, 2E, 00, 23, 30, 23, 43, 3A, 5C, 57, C0, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 09, 00, 00, 00, D1, F7, 3B, 97, 5B, D4, BC, 45, 88, 98, DD, 73, 86, 3D, 9C, 55, 01, 00, 00, 00, A0, 00, 00, 00...
 
[+]

Entropy:
6.1598

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
528 KB (540,672 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
·É»ðÊÓƵ

Command:
C:\Program Files\·é»ðêóæµ\feihuo movie.exe


Scan Feihuo Movie.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.