home

FSSUpdaterService.exe

FSSUpdaterService

It runs as a scheduled task under the Windows Task Scheduler named FSSUpdaterService triggered by a time event.
Product:
FSSUpdaterService

Version:
1.0.0.2

MD5:
655d29e65174d20cb7a4688f73ca1b74

SHA-1:
7fbc7fd544071428ce6e7dbb8969ca8f07fe47d8

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/19/2024 11:18:46 AM UTC  (today)

Scan engine
Detection
Engine version

Kaspersky
not-a-virus:AdWare.Win32.iBryte
14.0.0.3667

Trend Micro House Call
TROJ_GEN.R047H07FA14
7.2.174

Vba32 AntiVirus
TScope.Trojan.MSIL
3.12.26.0

File size:
520 KB (532,480 bytes)

Product version:
1.0.0.2

Copyright:
Copyright © 2014

Original file name:
FSSUpdaterService.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\roaming\updaterservice\fssupdaterservice.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
12288:mZMf+sLLyqwZWMUerhvgOznUNBmxfzui:asLLyqw7lrhLznpu

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.1165

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Scheduled Task
Task name:
FSSUpdaterService

Path:
C:\WINDOWS\Tasks\FSSUpdaterService.job

Trigger:
Time (Next runs on 6/28/2014 at 4:23 AM)

Description:
FSSUpdaterService


The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to ec2-52-76-225-111.ap-southeast-1.compute.amazonaws.com  (52.76.225.111:80)

Scan FSSUpdaterService.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.