home

pdc_shellEx_loader.exe

pdc_shellEx_loader

Yurii Palkovskii

Publisher:
ДС  (signed by Yurii Palkovskii)

Product:
pdc_shellEx_loader

Version:
1.00

MD5:
b12a3b763e10fccaaeaaf19354129bd8

SHA-1:
d3f53f8296ad6918a88d212369cbd3b3e9a116c1

SHA-256:
b8fc101d1b4819bb413179be6894709a0fbd58a026ba6019244d1a90e9971279

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 6:36:04 AM UTC  (today)

File size:
313.9 KB (321,472 bytes)

Product version:
1.00

Original file name:
pdc_shellEx_loader.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\plagiarism detector\pdc_shellex_loader.exe

Digital Signature
Signed by:
Yurii Palkovskii

Authority:
COMODO CA Limited

Valid from:
8/18/2013 8:00:00 PM

Valid to:
8/19/2014 7:59:59 PM

Subject:
CN=Yurii Palkovskii, O=Yurii Palkovskii, STREET=Shelushkova102 apt5, L=Zhytomyr, S=Ukraine, PostalCode=01001, C=UA

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F702A935246605A77E7FD4CB641A00EE

File PE Metadata
Compilation timestamp:
9/4/2013 1:56:40 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:0MdK4htcvKjKb67kPz4bPQMdK4htcvKjKb67tg:0YK4wyjg6gPEbPQYK4wyjg6xg

Entry address:
0x13E8

Entry point:
68, B4, 4E, 42, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 48, 00, 00, 00, 00, 00, 00, 00, 2A, FB, 51, D5, 58, 39, BD, 4B, 82, B1, 5B, 21, B9, 4C, 5B, 55, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 7B, 30, 30, 30, 32, 30, 73, 68, 65, 6C, 6C, 45, 78, 5F, 70, 64, 63, 5F, 61, 75, 74, 6F, 6C, 6F, 61, 64, 65, 72, 00, 30, 00, 00, 00, 00, FF, CC, 31, 00, 00, C1, 9B, 5D, C8, 5B, F7, 66, 41, 82, 4E, FD, 42, C3, 01, 49, 69, 91, 14, 83, 61, AA, 89, 9A, 4C, A3, A8, 0A, E9, 36, FD, 81, 3C, 3A, 4F, AD...
 
[+]

Entropy:
7.6467

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
156 KB (159,744 bytes)

Scan pdc_shellEx_loader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.