home

ShellExt.dll

Shadow Defender

Yang Ping

It is registered as a context menu handler (displays a menu when right-clicked in Explorer) named “DefenderContextMenuExt”.
Publisher:
SHADOWDEFENDER.COM  (signed by Yang Ping)

Product:
Shadow Defender

Description:
Shadow Defender Shell Extension

Version:
1.4.0.653

MD5:
5a0650639a83539df491a47da4b43400

SHA-1:
ab8e3a60008b68855a12dc2dd4663864a008fe01

SHA-256:
5e1fd47a1694abad0152d6ec382d4eb3794e85f5c818b45fb95817d4cb887d13

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 5:24:12 AM UTC  (today)

File size:
301.2 KB (308,432 bytes)

Product version:
1.4.0.653

Copyright:
Copyright (C) 2007-2016, SHADOWDEFENDER.COM. All rights reserved.

Original file name:
ShellExt.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\shadow defender\shellext.dll

Digital Signature
Signed by:
Yang Ping

Authority:
WoSign CA Limited

Valid from:
4/8/2016 9:04:32 AM

Valid to:
6/8/2017 9:04:32 AM

Subject:
CN=Yang Ping, L=Chongqing, S=Chongqing, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
5E4DC82C530C9D86101BAD3939FCED12

Registration
CLSID:
{5EE8E9E6-2853-4D28-B2DE-6529EDA0A294}

ProgID:
DefenderShellExt.ContextMenuExt.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
10/15/2016 7:53:42 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
3072:NjxiK5ubsUGLuXsgR0a429YjV0TVcj3vqNbKx6nW1n4RQikrc5wGaXXnpN4LpbTV:NNUGtE0S+jf+bw6nWJIkr/7a8yk8

Entry address:
0x8725

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 98, 03, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, BE, FE, FF, FF, 83, C4, 0C, 5D, C2, 0C, 00, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 53, 56, 6A, 17, E8, 9E, F9, 00, 00, 85, C0, 74, 05, 8B, 4D, 08, CD, 29, 33, F6, 8D, 85, DC, FC, FF, FF, 68, CC, 02, 00, 00, 56, 50, 89, 35, 40, 53, 02, 10, E8, 83, 1D, 00, 00, 83, C4, 0C, 89, 85, 8C, FD, FF, FF, 89, 8D, 88, FD, FF, FF, 89, 95, 84, FD, FF, FF, 89, 9D, 80, FD, FF, FF, 89, B5, 7C, FD, FF, FF, 89, BD, 78, FD, FF, FF, 66...
 
[+]

Entropy:
6.0470

Developed / compiled with:
Microsoft Visual C++

Code size:
99 KB (101,376 bytes)

Context Menu Handler
Display name:
DefenderContextMenuExt

CLSID:
{5EE8E9E6-2853-4D28-B2DE-6529EDA0A294}

CLSID name:
DefenderContextMenuExt Class


Scan ShellExt.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.