» Inshlpr.exe
Overview
Analysis
File Details

Inshlpr.exe

Zemana AntiLogger

Zemana Information Technologies Industry Limited

This is a self-extracting archive and installer.

File name:

Inshlpr.exe

Publisher:

Zemana Ltd. (signed by Zemana Information Technologies Industry Limited)

Product:

Zemana AntiLogger

Description:

AntiLogger Install Helper Executable

Version:

1.6.2.445

MD5:

da4d4e677aa34a5b3ab034124372abbd

SHA-1:

61f5e43e8279fed9773d70a93d2d40be8273468a

SHA-256:

6e3f85d64179beb7c407e3a976ace82ea8fabfaa4e44ea537e8f42b08c528d7c

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/25/2024 7:20:23 AM UTC (today)

Scan engine

Detection

Engine version

Clam AntiVirus

PUA.Packed.ASPack

0.98/17411

Quick Heal

(Suspicious) - DNAScan

11.14.11.00

File size:

647.9 KB (663,408 bytes)

Product version:

1.6.2.0

Trademarks:

AntiLogger(tm) is a trademark of Zemana Ltd.

Original file name:

Inshlpr.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\data\offline\171f7ae7\4acd94d1\inshlpr.exe

Digital Signature

Signed by:

Zemana Information Technologies Industry Limited

Authority:

VeriSign, Inc.

Valid from:

11/28/2008 1:00:00 AM

Valid to:

12/4/2009 12:59:59 AM

Subject:

CN=Zemana Information Technologies Industry Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Zemana Information Technologies Industry Limited, L=Istanbul, S=Uskudar, C=TR

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

2AE026D2DAB457835BC5A9E9428B99F0

File PE Metadata

Compilation timestamp:

9/18/2009 2:08:52 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.0

CTPH (ssdeep):

12288:qKksOwNjPVCQ3kCwwqPaFw0EDzLREwxr+jBGWPCZHBwOXN:q7O9DUCwwqPH06K/dGWPCVBwOd

Entry address:

0x1000

Entry point:

68, 01, 00, 52, 00, E8, 01, 00, 00, 00, C3, C3, 02, 0A, 35, 07, 8F, BF, FE, E5, 7F, EC, 88, 98, CC, 1F, 7C, A4, 0F, 21, 73, 6D, A7, 1C, 6F, 3B, 10, 83, 7F, 31, D4, BC, A1, FE, F5, 44, 8E, 15, 37, 4C, 0D, BB, DD, AE, D9, 20, 4B, 0E, D4, 1B, E2, F5, 6D, AF, F9, 20, D0, D0, 96, 33, 2C, 4B, 3A, 5F, AC, 57, 65, 88, DE, 35, 6D, 22, AA, A2, F8, 3B, C0, F3, 81, D8, 17, 47, 90, C0, 27, F2, 0B, C1, 2E, FD, D8, 3D, 6F, 29, 7D, AA, 8E, 0D, 6C, 6A, AE, 19, 9D, C6, 0D, 4E, 38, 15, 80, 25, A1, EF, A1, 2A, FA, C8, 6A, 5B... 
[+]

Packer / compiler:

ASProtect v1.2x (New Strain)

Code size:

832 KB (851,968 bytes)

Scan Inshlpr.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.