wshelper.exe

Wondershare Studio

Wondershare software CO., LIMITED

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Wondershare Helper Compact.exe’.
Publisher:
Wondershare  (signed by Wondershare software CO., LIMITED)

Product:
Wondershare Studio

Version:
2.3.6.4

MD5:
12dda5de47461555b28954c6711399b4

SHA-1:
a4d1ac78f1dfd1623b278ec8d60ffd0b18a97195

SHA-256:
35ad5ad8c6e0479ec2fcebefa38e69227e5178b9b9d70e7891f9cebe7491b80a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/24/2024 1:08:03 PM UTC  (today)

File size:
2 MB (2,086,240 bytes)

Product version:
2.3.6.4

Copyright:
Copyright (c) 2014 Wondershare. All rights reserved

Trademarks:
Wondershare

Original file name:
Wondershare Studio

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\common files\wondershare\wondershare helper compact\wshelper.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
2/21/2014 4:00:00 AM

Valid to:
2/22/2016 3:59:59 AM

Subject:
CN="Wondershare software CO., LIMITED", OU=R & D Management, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Wondershare software CO., LIMITED", L=Shenzhen, S=Guangdong, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
30DC6C3A7D282A8E5552CEB78E4C075A

File PE Metadata
Compilation timestamp:
4/28/2015 11:23:30 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x1A9444

Entry point:
55, 8B, EC, 83, C4, E0, 33, C0, 89, 45, E0, 89, 45, E4, 89, 45, EC, 89, 45, E8, B8, 68, 75, 5A, 00, E8, 76, 02, E6, FF, 33, C0, 55, 68, FC, 95, 5A, 00, 64, FF, 30, 64, 89, 20, E8, 23, E0, FF, FF, A1, B8, 98, 5B, 00, 8B, 00, E8, 0B, 57, E6, FF, 84, C0, 0F, 84, 45, 01, 00, 00, 8D, 55, E8, 33, C0, E8, D9, A0, E5, FF, 8B, 45, E8, 8D, 55, EC, E8, 02, 5D, E6, FF, 8D, 45, EC, BA, 14, 96, 5A, 00, E8, A1, D7, E5, FF, 8B, 4D, EC, B2, 01, A1, 14, 71, 4C, 00, E8, D6, 1B, F2, FF, 8B, 15, 30, 92, 5B, 00, 89, 02, E8, F9...
 
[+]

Entropy:
6.5876

Developed / compiled with:
Microsoft Visual C++

Code size:
1.7 MB (1,738,240 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Wondershare Helper Compact.exe

Command:
C:\Program Files\common files\wondershare\wondershare helper compact\wshelper.exe


Scan wshelper.exe - Powered by Reason Core Security