home

e4shell.exe

E4Shell

Exact Holding N.V.

Publisher:
Exact  (signed by Exact Holding N.V.)

Product:
E4Shell

Version:
9.05.0343

MD5:
c67b8766bf3bb90ca1cfb807c613c90b

SHA-1:
19d02d1b09ef28c09d8c9e5e45c84977700550b5

SHA-256:
b1d6499b69f03efafc566b5d963c90d49cf93e4cd8d4618755a9bbfde552d324

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/25/2024 7:59:30 AM UTC  (today)

Scan engine
Detection
Engine version

Zillya! Antivirus
Trojan.Inject.Win32.182034
2.0.0.2482

File size:
447.2 KB (457,928 bytes)

Product version:
9.05.0343

Original file name:
e4shell.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\exact software\bin\e4shell.exe

Digital Signature
Signed by:
Exact Holding N.V.

Authority:
VeriSign, Inc.

Valid from:
12/15/2009 4:00:00 PM

Valid to:
2/9/2013 3:59:59 PM

Subject:
CN=Exact Holding N.V., OU=International Development, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Exact Holding N.V., L=DELFT, S=Zuid Holland, C=NL

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1D45D7CCDB25916344F04CD448A1B3B2

File PE Metadata
Compilation timestamp:
7/2/2010 1:51:00 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:JImjh4j/5a6/kIChkFBxNdKVZLW2qZ3VLDMuvQHyylVf5fo2UrY8f+T7T+EQPslC:J2lPkFoNrY8f+XT+EQX

Entry address:
0x1298

Entry point:
68, CC, 13, 40, 00, E8, EE, FF, FF, FF, 00, 00, 40, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, E6, 29, BB, 45, 21, CE, EA, 4F, 84, 78, 13, A0, 92, 9F, 64, 3E, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 2D, 43, 30, 30, 30, 2D, 45, 34, 53, 68, 65, 6C, 6C, 00, 00, 30, 34, 36, 7D, 23, 32, 2E, 00, 00, 00, 00, 88, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 09, 00, 00, 00, 3F, E4, 35, FC, CC, CB, 3E, 4A, A1, 90, 6A, F6, 7B, 7C, BA, 97, 01, 00, 00, 00, 98, 00, 00, 00, A8, 00, 00, 00, 01, 00, 00, 00...
 
[+]

Entropy:
5.1828

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
328 KB (335,872 bytes)

Scan e4shell.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.