home

pahelper.exe

GRAHL software design

Publisher:
GRAHL software design  (signed and verified)

MD5:
625fc6ba77554e529ec73e69436bd9eb

SHA-1:
77e6fbad2f4e459825bb7a03a2e14713cb77ed17

SHA-256:
3d194cf74b17a47216c0100ca8d43e92d6506770fdeeed98de87bf8d81a521b3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 9:19:35 AM UTC  (today)

File size:
641.1 KB (656,520 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\temp\{random}.tmp\pahelper.exe

Digital Signature
Signed by:
GRAHL software design

Authority:
COMODO CA Limited

Valid from:
6/21/2011 12:00:00 PM

Valid to:
6/21/2016 11:59:59 AM

Subject:
CN=GRAHL software design, O=GRAHL software design, STREET=Seligenthaler Str. 54, L=Landshut, S=Bavaria, PostalCode=84034, C=DE

Issuer:
CN=COMODO Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00975D0661A97D6285C3E8253319B4321E

File PE Metadata
Compilation timestamp:
12/1/2011 4:40:46 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.25

CTPH (ssdeep):
12288:EMA4yNZjsCxIHUFnhp7PPdj1IFAa2OyLyCY7ugkMo+o3BbSqnhHO:h5CZ/MUFnhp7dBda2OyLyCY/7EBbS+xO

Entry address:
0x88B30

Entry point:
55, 8B, EC, 83, C4, E8, 33, C0, 89, 45, E8, 89, 45, EC, A1, 68, 0B, 49, 00, C6, 00, 01, B8, 14, 7B, 48, 00, E8, 70, E4, F7, FF, 33, C0, 55, 68, 96, 8C, 48, 00, 64, FF, 30, 64, 89, 20, B8, AC, 8C, 48, 00, E8, 20, C3, F9, FF, 84, C0, 74, 12, 33, D2, B8, BC, 8C, 48, 00, E8, F0, C2, F9, FF, 50, E8, A6, EB, F7, FF, B8, CC, 8C, 48, 00, E8, 00, C3, F9, FF, 84, C0, 74, 50, 8D, 55, EC, B8, 02, 00, 00, 00, E8, 83, A7, F7, FF, 8B, 45, EC, E8, C3, 0F, F8, FF, 84, C0, 74, 27, 8D, 55, E8, B8, 02, 00, 00, 00, E8, 6A, A7...
 
[+]

Entropy:
6.6610

Developed / compiled with:
Microsoft Visual C++

Code size:
543 KB (556,032 bytes)

Scan pahelper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.