» shexview_setup.exe
Overview
Analysis
File Details
Programs (1)

shexview_setup.exe

Nir Sofer

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer.

File name:

shexview_setup.exe

Publisher:

Nir Sofer (signed and verified)

MD5:

21a66e620020290aef804baeca74c4e0

SHA-1:

485ff95c29fb8cf4fd370c3b08a91fbd26990cb2

SHA-256:

801f23c3f048494726ac6a649c2246d9101e0b11f3e24bf15a0607d3b66dc849

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/18/2024 11:31:16 PM UTC (a few moments ago)

File size:

137.4 KB (140,728 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\downloads\shexview_setup.exe

Digital Signature

Signed by:

Nir Sofer

Authority:

COMODO CA Limited

Valid from:

9/16/2012 8:00:00 PM

Valid to:

9/17/2014 7:59:59 PM

Subject:

CN=Nir Sofer, O=Nir Sofer, STREET=5 Hashoshanim st., L=Ramat Gan, S=Gush Dan, PostalCode=52583, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00A1A3E7280E0A2DF12F84309649820519

File PE Metadata

Compilation timestamp:

5/3/2008 10:08:42 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:Kd/vyWmJe45vzd8jyfmNlL5wqq5PZxyXsEQKegH:KXp6OjHlL5wqq5PZXEUo

Entry address:

0x3225

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 28, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, F9, 2A, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 50, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B0, 91, 40, 00, 68, A0, 36, 42, 00, E8, B0, 27, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 9E, 27, 00, 00... 
[+]

Entropy:

7.6744

Packer / compiler:

Nullsoft install system v2.x

Code size:

22.5 KB (23,040 bytes)

The file shexview_setup.exe has been discovered within the following program.

NirSoft ShellExView by NirSoft

Publisher's description - “Shell Extensions are in-process COM objects which extends the abilities of Windows operating system. Most shell extensions are automatically installed by the operating system, but there are also many other applications that install additional shell extension components.”

www.nirsoft.net/utils/shexview.html

11% remove it

Scan shexview_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.