ShInstUtil.exe

  • File Path: C:\Program Files (x86)\KeePass Password Safe 2\ShInstUtil.exe
  • Description: ShInstUtil - KeePass Helper Utility

Hashes

Type Hash
MD5 F484D53E04FB43749F47656A33099DCA
SHA1 1A5886925C9E38D2B86EA2871911BF6AEE40485D
SHA256 C12BCAA756684B396A7B8A7F25B08E0F31D0649B856156C7F95AC3B6543FD049
SHA384 4B7CD1D52F0FAE9F8DF618BC266484C48D4948AA44C40B144678EADD804954176DABD34AC74F694E4F978D8C2AD72A53
SHA512 841BD32366D0CD158406F9B02B42BF30E4BC6DAF993AFA7328AB4C7FEC77C38CAADB5111DCD51B116D27298D0FD9D032FEC769D86C5B680461D5D3746A840782
SSDEEP 1536:EpU3xUSc6D8Ff0buamL/Hks969nkoPQbxUh5HWQzDEZXE:aw+6Itf969nkoPQbxUh5H5zDmX
IMP AF5DAD27817CC60381F6CB6A46F8B77D
PESHA1 04881854E59E0298F2BAE732706540FBBE045895
PE256 97E6CF50C44830E9564AFB2F4F4B6289850212908C10626E3E4FFE7105E7F8D7

Runtime Data

Loaded Modules:

Path
C:\Program Files (x86)\KeePass Password Safe 2\ShInstUtil.exe
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\wow64.dll
C:\Windows\System32\wow64cpu.dll
C:\Windows\System32\wow64win.dll

Signature

  • Status: Signature verified.
  • Serial: 57E66F7FA80DDA7E5D403D6863548CC6
  • Thumbprint: 3B82AC8D746DF6E395B76EC1BDC27CE25793D73B
  • Issuer: CN=Certum Code Signing CA SHA2, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL
  • Subject: E=cert@dominik-reichl.de, CN=”Open Source Developer, Dominik Reichl”, O=Open Source Developer, L=Metzingen, C=DE

File Metadata

  • Original Filename: ShInstUtil.exe
  • Product Name: ShInstUtil - KeePass Helper Utility
  • Company Name: Dominik Reichl
  • File Version: 2.46.0.0
  • Product Version: 2.46.0.0
  • Language: English (United States)
  • Legal Copyright: Copyright (c) 2007-2020 Dominik Reichl
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: 0/71
  • VirusTotal Link: https://www.virustotal.com/gui/file/c12bcaa756684b396a7b8a7f25b08e0f31d0649b856156c7f95ac3b6543fd049/detection/

File Similarity (ssdeep match)

File Score
C:\program files (x86)\KeePass Password Safe 2\ShInstUtil.exe 83

Possible Misuse

The following table contains possible examples of ShInstUtil.exe being misused. While ShInstUtil.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma registry_event_asep_reg_keys_modification_currentversion.yml - 'C:\Program Files\KeePass Password Safe 2\ShInstUtil.exe' DRL 1.0

MIT License. Copyright (c) 2020-2021 Strontic.