home

pashlext64.dll

ConeXware, Inc

It is registered as a context menu handler (displays a menu when right-clicked in Explorer) named “PowerArchiver64”.
Publisher:
ConeXware, Inc.  (signed by ConeXware, Inc)

Version:
15.0.13.1

MD5:
119a92482232673fabfd1f9a68aed1ed

SHA-1:
99472448f75f7c0fd47f8b09dd373c213eab1383

SHA-256:
1a237bac0551a446a34ab61ebfa021613d2ccf0389c83253373352479038a523

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 3:58:27 PM UTC  (today)

File size:
3.6 MB (3,747,320 bytes)

Product version:
1.0.0.0

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\powerarchiver\pashlext64.dll

Digital Signature
Signed by:
ConeXware, Inc

Authority:
VeriSign, Inc.

Valid from:
8/18/2013 5:30:00 AM

Valid to:
11/17/2016 5:29:59 AM

Subject:
CN="ConeXware, Inc", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="ConeXware, Inc", L=Reston, S=Virginia, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3414D4E2AB75A0FD628D84C24700B76F

Registration
CLSIDs:
{D03D3E78-0C44-3D45-B15F-BCFD8A8B4C7E}, {D03D3E79-0C44-3D45-B15F-BCFD8A8B4C7E}, {D03D3E7A-0C44-3D45-B15F-BCFD8A8B4C7E}, {D03D3E7B-0C44-3D45-B15F-BCFD8A8B4C7E}, {D03D3E7D-0C44-3D45-B15F-BCFD8A8B4C7E}

ProgID:
PASHLEXT64.zipfile

COM registered:
Yes

File PE Metadata
Compilation timestamp:
11/18/2014 1:42:21 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:ODjoyErP7GZOSlSr0WkZEwN8+rAAtd5pkROx:IuSl

Entry address:
0x300A90

Entry point:
55, 48, 83, C4, 80, 48, 8B, EC, 48, C7, 45, 30, 00, 00, 00, 00, 48, 89, 8D, 90, 00, 00, 00, 89, 95, 98, 00, 00, 00, 4C, 89, 85, A0, 00, 00, 00, 90, 48, 8D, 4D, 38, 48, 8D, 15, 20, 28, FF, FF, 4C, 8B, 85, 90, 00, 00, 00, 44, 8B, 8D, 98, 00, 00, 00, 48, 8B, 85, A0, 00, 00, 00, 48, 89, 44, 24, 20, E8, 91, 29, D1, FF, 90, 48, 8B, 05, 51, 9E, 03, 00, 48, 8B, 0D, 7A, F2, 03, 00, 48, 89, 08, C7, 05, D1, 80, 10, 00, 94, 00, 00, 00, 48, 8D, 0D, CA, 80, 10, 00, E8, 89, 81, D1, FF, 48, 8B, 05, FA, 96, 03, 00, 83, 3D...
 
[+]

Entropy:
5.9411

Code size:
3 MB (3,144,704 bytes)

Context Menu Handler
Display name:
PowerArchiver64

CLSID:
{d03d3e78-0c44-3d45-b15f-bcfd8a8b4c7e}

CLSID name:
PowerArchiver Shell Extensions


Scan pashlext64.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.