chext64.dll

Open Source Developer, Józef Starosczyk

It is registered as a context menu handler (displays a menu when right-clicked in Explorer) named “chext”.
Publisher:

MD5:
99b6d8d0d62f9347457740f8bcf69f23

SHA-1:
6036d13e107481365524de904fbacf40d8e529ea

SHA-256:
ced148c1a79fac3e4239322cf0f8b5c5763a405c8613b9f94ae81eee0aca4534

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 4:06:20 PM UTC  (today)

File size:
1.5 MB (1,617,496 bytes)

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\Program Files\copy handler\chext64.dll

Digital Signature
Authority:
Unizeto Technologies S.A.

Valid from:
1/11/2016 12:02:14 AM

Valid to:
1/10/2017 12:02:14 AM

Subject:
E=ixen@copyhandler.com, CN="Open Source Developer, Józef Starosczyk", O=Open Source Developer, C=PL

Issuer:
CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
6A8CA74C28DB4978F2ACE8BC61A3BDEA

Registration
CLSIDs:
{3D855ACA-8274-4f1f-94E9-6BEF4FC2A2AF}, {B46F8244-86E6-43CF-B8AB-8C3A89928A48}, {E7A4C2DA-F3AF-4145-AC19-E3B215306A54}

ProgIDs:
chext.ShellExtControl.1, chext.DropMenuExt.1, chext.MenuExt.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
4/3/2016 6:37:42 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:iLBSm4Ghl1YZsWsDO+JzBXePHsyg5uDQslg/ZIkItMX1mqZ:aH7usWsDO+JzBXePHjg5uDQ5/

Entry address:
0x98AB4

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, DB, 03, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 08, 48, 89, 70, 10, 48, 89, 78, 18, 41, 56, 48, 83, EC, 30, 49, 8B, F0, 8B, FA, 4C, 8B, F1, BB, 01, 00, 00, 00, 89, 58, E8, 89, 15, 55, F7, 0C, 00, 85, D2, 75, 12, 39, 15, CB, A4, 0D, 00, 75, 0A, 33, DB, 89, 58, E8, E9, CB, 00, 00...
 
[+]

Entropy:
6.1225

Code size:
1007 KB (1,031,168 bytes)

Context Menu Handler
Display name:
chext

CLSID:
{E7A4C2DA-F3AF-4145-AC19-E3B215306A54}

CLSID name:
MenuExt Class


Scan chext64.dll - Powered by Reason Core Security