home

eshelper.exe

Shanghai QianYan Network Technologies Co. LTD

Publisher:
欧路软件  (signed by Shanghai QianYan Network Technologies Co. LTD)

Version:
11.5.3.95

MD5:
8d223b5a00fd56408dc429975858ffc9

SHA-1:
13334c2c3c525918b0563b2b5b914cdd4c9c20d3

SHA-256:
b0040ee91e961daa4ebf5cf41183deeed96a85aeb60003ebaa664c9fdffa0900

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 7:07:13 PM UTC  (today)

File size:
9.7 MB (10,216,952 bytes)

Product version:
2.0.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\eshelper\eshelper.exe

Digital Signature
Signed by:
Shanghai QianYan Network Technologies Co. LTD

Authority:
COMODO CA Limited

Valid from:
6/29/2012 8:00:00 AM

Valid to:
6/30/2015 7:59:59 AM

Subject:
CN=Shanghai QianYan Network Technologies Co. LTD, O=Shanghai QianYan Network Technologies Co. LTD, STREET=Room 2089 Block 7 NO.1365 Hongde bldg Jiading Industrial Park, L=Shanghai, S=Shanghai, PostalCode=200333, C=CN

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
101B667A9426A663AC5C64BCA25BD192

File PE Metadata
Compilation timestamp:
6/17/2015 12:56:36 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
98304:xaxavetPV7UY6HYIJUrQAJ0YCL2S53Km47EqyhZwF9YWy0qhJ4wZhFYAMfh:xakvaiHHhzqSwF9Y5hhrSh

Entry address:
0x2950

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, AC, 60, B2, 00, A1, 9F, 60, B2, 00, C1, E0, 02, A3, A3, 60, B2, 00, 52, 6A, 00, E8, EF, 15, 72, 00, 8B, D0, E8, DE, A7, 70, 00, 5A, E8, 00, A7, 70, 00, E8, 2F, A9, 70, 00, 6A, 00, E8, 54, CC, 70, 00, 59, 68, 48, 60, B2, 00, 6A, 00, E8, C9, 15, 72, 00, A3, A7, 60, B2, 00, 6A, 00, E9, 23, 9E, 71, 00, E9, 86, CC, 70, 00, 33, C0, A0, 91, 60, B2, 00, C3, A1, A7, 60, B2, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, F8, 00, 00, 00, 0B, C9...
 
[+]

Entropy:
6.4680

Code size:
7.1 MB (7,491,584 bytes)

Scan eshelper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.